600-211 SPCDMA Implementing Cisco Service Provider Mobility CDMA Networks (SPCDMA)

600-211 SPCDMA Implementing Cisco Service Provider Mobility CDMA Networks (SPCDMA)

Exam Number 600-211 SPCDMA
Associated Certifications Cisco Service Provider Mobility CDMA to LTE Specialist
Duration 90 Minutes (65-75 questions)
Available Languages English

This exam tests a candidate’s knowledge of the skills required to understand and implement technologies, components, architecture fundamentals and products that are found in Code Division Multiple Access (CDMA) packet core networks. The exam includes information on 3GPP2 standardized technologies that are implemented on the Packet Data Serving Node (PDSN) and the Home Agent (HA), as well as, PDSN and HA interaction with authentication, charging, and billing components. This exam also includes configuration details of how the PDSN and HA components, as well as, the HRPD Serving Gateway (HSGW) are implemented on the Cisco ASR 5000 Series system. This exam is a requirement in order to attain the Cisco Service Provider Mobility CDMA to LTE Specialist certification.

The 600-211 SPCDMA Implementing Cisco CDMA Packet Core Networks exam tests a candidate’s knowledge of the skills required to understand and implement technologies, components, architecture fundamentals, and products that are found in Code Division Multiple Access (CDMA) packet core networks.

The Implementing Cisco CDMA Packet Core Networks (600-211 SPCDMA) exam is a 90-minute, 65–75 question assessment within Cisco’s Service Provider Specialist certification. This exam tests a candidate’s knowledge of the skills required to understand and implement technologies, components, architecture fundamentals and products that are found in Code Division Multiple Access (CDMA) packet core networks. The exam includes information on 3GPP2 standardized technologies that are implemented on the Packet Data Serving Node (PDSN) and the Home Agent (HA), as well as, PDSN and HA interaction with authentication, charging, and billing components. This exam also includes configuration details of how the PDSN and HA components, as well as, the HRPD Serving Gateway (HSGW) are implemented on the Cisco ASR 5000 Series system. This exam is a requirement in order to attain the Cisco Service Provider Mobility CDMA to LTE Specialist certification. Candidates can prepare for this exam by taking the Implementing Cisco Service Provider Mobility CDMA Networks (SPCDMA) v1.0 training course.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

1.0 CDMA 4%

1.1 Identify key functions of CDMA and basic understanding of architecture and interfaces

1.2 Describe the attach procedure and call flow

2.0 MIP/Proxy MIP/Simple IP 9%

2.1 Simple IP

2.1.a Describe Simple IP protocol and interfaces

2.2 Mobile IP

2.2.a Describe Mobile IP protocol and interfaces
2.2.b Describe Mobile IP registration/registration revocation
2.2.c Describe MIPv4 in foreign agent mode

2.3 Proxy MIP

2.3.a Describe proxy MIPv6 protocol and interfaces
2.3.b Describe dual stack mobile IPv6 protocol and interfaces
2.3.c Describe integration with LTE networks

3.0 Diameter (MPC centric) 11%

3.1 Define and understand diameter base protocol

3.2 Understand transport layer functionality of diameter protocol

3.3 Understand and implement diameter routing agents

3.4 Understand diameter peer discovery

3.5 Understanding diameter message processing

3.6 Understanding diameter error handling mechanism

3.7 Describe and understand diameter re-authorization procedure

3.8 Describe and understand DCCA model

4.0 Tunneling Protocols 12%

4.1 Basics of tunneling and encryption

4.1.a Identify application of tunneling in wireless data networks

4.2 Generic Routing Encapsulation (GRE)

4.2.a Identify applications of GRE in wireless data networks
4.2.b Configure GRE tunnels
4.2.c Troubleshoot GRE tunnels

4.3 Layer 2 Tunneling Protocol (L2TP)

4.3.a Identify applications of l2TP in wireless data networks
4.3.b Describe LNS selection and load balancing
4.3.c Describe L2TP over IPSec
4.3.d Configuring L2TP tunnels
4.3.e Troubleshoot L2TP tunnels

4.4 Internet Protocol Security (IPsec)

4.4.a Configure IPSec tunnels on the GGSN
4.4.b Identify applications of IPSec tunnels as applied to mobile wireless networks
4.4.c Describe IPSec for IPv6
4.4.d Troubleshoot IPSec

4.5 MPLS over BGP

4.5.a Describe MPLS over BGP in mobile packet core networks
4.5.b Configure MPLS over BGP
4.5.c Troubleshoot MPLS over BGP

5.0 Home Agent (3G CDMA) 11%

5.1 Network functions HA

5.1.a Describe the HA architecture and interfaces
5.1.b Describe the IPv4 and IPv6 address allocation to UE
5.1.c Explain the basic functions of EVDO-RevA QoS

5.2 Authentication and Authorization

5.2.a Configure and implement RADIUS authentication and authorization

5.3 Accounting and Charging

5.3.a Configure and implement RADIUS Accounting
5.3.b Configure and implement Online Charging (OCS) via Gy interface
5.3.c Configure and implement Offline Charging (OFCS) via Rf/Ga interface
5.3.d Configure and implement the Enhanced Charging Service
5.3.e Configure and implement EDR/UDR
5.3.f Configure and implement policy and charging control via Gx interface

5.4 SGi Termination

5.4.a Configure and implement various tunneling GRE, IP-in-IP, IPSec

6.0 PDSN/Foreign Agent (3G CDMA node) 13%

6.1 Network functions PDSN

6.1.a Describe the PDSN architecture and interfaces
6.1.b Describe IPv4 address allocation to UE for Simple IP
6.1.c Configure SIP/PMIP/MIP

6.2 Authentication and Authorization

6.2.a Configure and implement RADIUS authentication and authorization

6.3 Accounting and Charging

6.3.a Configure and implement RADIUS accounting
6.3.b Configure and implement the enhanced charging service
6.3.c Configure and implement EDR/UDR

6.4 Configure and implement RP interfaces to RNC/PCF

7.0 HSGW (4G EHRPD node) 20%

7.1 Network functions HSGW

7.1.a Basic understanding of HSGW architecture and interfaces
7.1.b Basic understanding of HSGW call flows MIP/PMIP/QoS
7.1.c Basic understanding of MAG service on HSGW
7.1.d Basic understanding of LMA service on PGW
7.1.e Basic understanding of PGW selection
7.1.f Optimized and non-optimized handover between 3GPP and non-3GPP

7.2 Authentication and Authorization

7.2.a Configure and implement STa diameter authentication and authorization

7.3 Accounting and Charging

7.3.a Configure and implement Online charging (OCS) via Gy interface
7.3.b Configure and implement Offline charging (OFCS)

7.4 Policy

7.4.a Configure and implement policy via Gxa interface

7.5 Radio Network Interface

7.5.a Configure and implement RP interfaces to eRNC

8.0 Inline Services 20%

8.1 Packet Inspection

8.1.a Explain common L7 applications
8.1.b Describe packet processing by the traffic inspection engine
8.1.c Describe and configuration of rules to be used for traffic inspection
8.1.d Describe and configuration of the charging rules
8.1.e Configure charging policies
8.1.f Design and configuration of rule bases, and designs the priorities for the rules and their corresponding charging policies
8.1.g Describe Handling of VOIP traffic
8.1.h Configure post processing rules
8.1.i Troubleshoot packet Inspection

8.2 P2P Detection

8.2.a Configure the rules for the various P2P applications
8.2.b Describe mechanism of updating the software to detect newer P2P applications

8.3 Content Filtering

8.3.a Describe the various content filtering mechanisms available
8.3.b Describe ICAP protocol
8.3.c Configure content filtering
8.3.d Troubleshoot content filtering

8.4 Firewall Policies

8.4.a Describe the basics of stateful attacks
8.4.b Configure access rules
8.4.c Troubleshoot firewall policies

8.5 NAT

8.5.a Configure NAT IP Pools and Port Chunk Groups to be used
8.5.b Configure the NAT accounting records
8.5.c Troubleshoot NAT

8.6 Event Based Charging

8.6.a Configure Event Data Records (EDRs)
8.6.b Configuration flow based charging records (Enhanced GCDR Records)
8.6.c Describe report generation using EDRs for different types

8.7 Fraud Detection

8.7.a Describe DNS snooping
8.7.b Explain the various mechanisms available for detection of tethered traffic
8.7.c Describe updating the database for the list of known tethered devices
8.7.d Configure fraud detection
8.7.e Troubleshoot fraud detection

8.8 HTTP Header Enrichment

8.8.a Describe HTTP header enrichment
8.8.b Configure HTTP header enrichment
8.8.c Troubleshoot HTTP header enrichment

QUESTION 1
Which interface carries signaling information between PCF and PDSN?

A. A8
B. A9
C. A10
D. A11

Answer: D

Explanation:


QUESTION 2
Which underlying protocol is used for RADIUS messages in CDMA?

A. TCP
B. SCTP
C. UDP
D. ICMP

Answer: C

Explanation:


QUESTION 3
Which protocol is used during PPP negotiation to assign an IP address to the mobile device for a
simple IP call?

A. LCP
B. IPCP
C. CHAP
D. EAP

Answer: B

Explanation:


QUESTION 4
Which is an attribute in MIP RRQ?

A. Correlation ID
B. NAS-Identifier
C. Framed-IP-Address
D. Care-of-Address
E. Framed-Interface-ID

Answer: D

Explanation:


QUESTION 5
Which bit in HA Registration Revocation message is used by PDSN/FA to determine Mobile
notification?

A. ‘A’ bit
B. ‘I’ bit
C. ‘M’ bit
D. ‘R’ bit

Answer: B

Explanation:

Click here to view complete Q&A of 600-211 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Cisco 600-211 Certification, Cisco 600-211 Training at certkingdom.com

Posted in Cisco | Tagged , , , , , , , , | Leave a comment

600-210 SPUMTS Implementing Cisco Service Provider Mobility UMTS Networks (SPUMTS)

Exam Number 600-210 SPUMTS
Associated Certifications Cisco Service Provider Mobility UMTS to LTE Specialist
Duration 90 Minutes (65-75 questions)
Available Languages English

The 600-210 SPUMTS exam tests a candidate’s knowledge of the skills required to understand and implement technologies, components, architecture fundamentals and products that are found in Universal Mobile Telecommunications System (UMTS) packet core networks. The exam includes information on standardized technologies that are implemented on the Serving GPRS Support Node (SGSN) and the Gateway GPRS Support Node (GGSN), as well as, their interaction with authentication, charging, and billing components in the network of the mobile operator. This exam also includes configuration details of how these components are implemented on the Cisco ASR 5000 Series system.

Exam Description
The Implementing Cisco UMTS Packet Core Networks (600-210 SPUMTS) exam is a 90-minute, 65–75 question assessment within Cisco’s Service Provider Specialist certification. This exam tests a candidate’s knowledge of the skills required to understand and implement technologies, components, architecture fundamentals and products that are found in Universal Mobile Telecommunications System (UMTS) packet core networks. The exam includes information on standardized technologies that are implemented on the Serving GPRS Support Node (SGSN) and the Gateway GPRS Support Node (GGSN), as well as, their interaction with authentication, charging, and billing components in the network of the mobile operator. This exam also includes configuration details of how these components are implemented on the Cisco ASR 5000 Series system. This exam is a requirement in order to attain the Cisco Service Provider Mobility UMTS to LTE Specialist certification. Candidates can prepare for this exam by taking the Implementing Cisco Service Provider Mobility UMTS Networks (SPUMTS) v1.0 training course.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

1.0 GPRS/UMTS 3%
1.1 Understand and describe GSM/GPRS and UMTS architecture

2.0 SS7 GTT/MAP 11%
2.1 Describe application of SS7 in wireless networks
2.2 Describe SIGTRAN protocol stacks (M3UA) and MTP3 based routing
2.3 Describe SCCP layer and Global Title Translation (GTT) mechanism
2.4 Analyze Global Title Translation (GTT) Case studies in mobile
2.5 Describe Application layer protocols

3.0 Tunneling Protocols (GTP) 15%
3.1 Describe the basics of GTP and packet structure
3.2 Identify different versions of GTP and compare them
3.3 Describe GTP tunnel, location and mobility management messages and their relevance
3.4 Describe failure and Recovery procedures
3.5 Configure GTP end points between UMTS nodes and LTE nodes
3.6 Troubleshoot GTP

4.0 SGSN (3G UMTS Node) 20%

4.1 Network functions 2G/3G SGSN and call flows
4.1.a Describe SGSN architecture and interfaces
4.1.b Identify SGSN functions
4.1.c Describe protocol stacks and procedures
4.1.d Describe mobility management signaling and call flows
4.1.e Describe session management signaling and call flows
4.1.f Describe GS interface procedures
4.1.g Describe Gd interface procedures

4.2 Configuration

4.2.a Configuration of IU interfaces over both IU/IP and IU/ATM
4.2.b Configuration of the Gr interface for both narrow band SS7 and sigtran
4.2.c Configuration of the Gn /Gp interface
4.2.d Configuration of the Gs interface towards the MSC
4.2.e Configuration of the Gb interface
4.2.f Configuration of the Gd interface
4.2.g Describe SGSN Operator policy structure and feature sets
4.2.h Configure SGSN Operator policy and feature sets
4.2.i Troubleshooting SGSN configurations

4.3 Policing architecture

4.3.a Describe SGSN pooling, key benefits and design considerations
4.3.b Configure SGSN pooling
4.3.c Describe offloading mechanism in pooling
4.3.d Configure MSC pooling architecture
4.3.e Describe MSC offloading in an SGSN pooled network

4.4 Direct tunnel

4.4.a Implement direct tunnel in a SGSN network
4.4.b Explain subscriber movement from one tunnel to two tunnel functionality
4.4.c Troubleshooting Direct tunnel

4.5 Network sharing

4.5.a Describe and implement MOCN architecture
4.5.b Describe and implement GWCN architecture

4.6 Security functions

4.6.a Describe GSM and UMTS security principles
4.6.b Describe different security architecture in UMTS

4.7 QoS functions

4.7.a Describe session management QoS functions
4.7.b Describe R99 and R97 QoS Conversion
4.7.c Configure QoS negotiations and override function

4.8 S4-SGSN

4.8.a Describe evolution to S4-SGSN
4.8.b Describe Mobility management signaling and call flows for S4-SGSN
4.8.c Describe location management signaling and call flows for S4-SGSN
4.8.d Describe location management signaling and call flows for S4-SGSN
4.8.e Configure basic S4-SGSN
4.8.f Troubleshooting S4-SGSN

5.0 Diameter (MPC centric) 12%

5.1 Define and understand diameter base protocol

5.2 Understand transport layer functionality of diameter protocol

5.3 Understand and implement diameter routing agents

5.4 Understand diameter peer discovery

5.5 Understanding diameter message processing

5.6 Understanding diameter error handling mechanism

5.7 Describe and understand diameter re-authorization procedure

5.8 Describe and understand DCCA model

6.0 Tunneling Protocols (Others) 13%

6.1 Basics of tunneling and encryption

6.1.a Identify application of tunneling in wireless data networks

6.2 GRE

6.2.a Identify applications of GRE in wireless data networks
6.2.b Configure GRE tunnels
6.2.c Troubleshoot GRE tunnels

6.3 Layer 2 Tunneling Protocol (L2TP)

6.3.a Identify applications of l2TP in wireless data networks
6.3.b Describe LNS selection and load balancing
6.3.c Describe L2TP over IPSec
6.3.d Configuring L2TP tunnels
6.3.e Troubleshoot L2TP tunnels

6.4 Internet Protocol Security (IPsec)

6.4.a Configure IPSec tunnels on the GGSN
6.4.b Identify applications of IPSec tunnels as applied to Mobile wireless networks
6.4.c Describe IPSec for IPV6
6.4.d Troubleshoot IPSec

6.5 MPLS over BGP

6.5.a Describe MPLS over BGP in Mobile Packet Core Networks
6.5.b Configure MPLS over BGP
6.5.c Troubleshoot MPLS over BGP

7.0 GGSN (3G UMTS node) 13%

7.1 Architecture Overview

7.1.a Identify key functions of the GGSN, and also understanding of the various interfaces

7.2 Implement Gn/Gp Interface

7.2.a Describe GTP protocol
7.2.b Describe call flows for mobility management/session management
7.2.c Configure Gn/Gp Interface
7.2.d Troubleshoot Gn/Gp Interface

7.3 APN

7.3.a Identify various IP address allocation mechanisms
7.3.b Describe the concept of virtual APNs
7.3.c Describe IP source address validation and access control list
7.3.d Configure APN
7.3.e Troubleshoot APN

7.4 Implement Gx Interface

7.4.a Identify important diameter AVPs needed for Gx
7.4.b Describe basic Gx call flows
7.4.c Configure Gx interface
7.4.d Troubleshoot Gx interface
7.4.e Configure failure handling modes
7.4.f Selection of OCS based on static configuration, RADIUS attributes and PCRF
7.4.g Describe out-of-quota redirection handling

7.5 Implement Gy Interface

7.5.a Identify important diameter AVPs needed for Gy
7.5.b Describe basic Gy call flows
7.5.c Configure Gy interface
7.5.d Troubleshoot Gy interface
7.5.e Identify and describe common policy use cases
7.5.f Configure failure handling modes
7.5.g Configure usage monitoring over Gy

7.6 Implement AAA Interface

7.6.a Describe basic AAA authentication and accounting call flows
7.6.b Identify and describe important RADIUS attributes for authentication and accounting
7.6.c Configure AAA interface
7.6.d Troubleshoot AAA interface

7.7 Internetworking with non-3GPP access networks

7.7.a Describe non-3GPP IRAT handovers to GPRS/UMTS networks
7.7.b Configure Gn’ interface
7.7.c Troubleshooting non-3GPP access networks

7.8 Gi interface

7.8.a Configure and implement various IP transport types
7.8.b Configure and implement static and dynamic routing protocols

8.0 Inline Services 13%

8.1 Packet inspection

8.1.a Explain common L7 applications
8.1.b Describe packet processing by the traffic inspection engine
8.1.c Describe and configure rules to be used for traffic inspection
8.1.d Describe and configure charging rules
8.1.e Configure charging policies
8.1.f Design and configure rulebases, and the priorities for the rules and their corresponding charging policies
8.1.g Describe handling of VOIP traffic
8.1.h Configure post processing rules
8.1.i Troubleshoot packet Inspection

8.2 P2P detection

8.2.a Configure the rules for the various P2P applications
8.2.b Describe mechanism of updating the software to detect newer P2P applications

8.3 Content filtering

8.3.a Describe the various content filtering mechanisms available
8.3.b Describe ICAP protocol
8.3.c Configure content filtering
8.3.d Troubleshoot content filtering

8.4 Firewall policies

8.4.a Describe the basics of stateful attacks
8.4.b Configure access rules
8.4.c Troubleshoot firewall policies

8.5 NAT

8.5.a Configure NAT IP Pools, and Port Chunk Groups to be used
8.5.b Configure the NAT accounting records
8.5.c Troubleshoot NAT

8.6 Event-based charging

8.6.a Configure Event Data Records (EDRs)
8.6.b Configuration flow based charging records (Enhanced GCDR Records)
8.6.c Describe report generation using EDRs for different types

8.7 Fraud detection

8.7.a Describe DNS snooping
8.7.b Explain the various mechanisms available for detection of tethered traffic
8.7.c Describe updating the database for the list of known tethered devices
8.7.d Configure fraud detection
8.7.e Troubleshoot fraud detection

8.8 HTTP header enrichment

8.8.a Describe HTTP header enrichment
8.8.b Configure HTTP header enrichment
8.8.c Troubleshoot HTTP header enrichment


QUESTION 1
Which organization developed and maintains the Universal Mobile Telecommunications System?

A. 3GPP2
B. 3GPP
C. ITU
D. ANSI

Answer: B


QUESTION 2
Which two services does GPRS support? (Choose two.)

A. MMS
B. SMS
C. Video Calling
D. EMM
E. ESM

Answer: A,B


QUESTION 3
Which part of the OSI model contains the Signalling Connection Control Part protocol?

A. Data link layer
B. Network layer
C. Transport layer
D. Application layer
E. Presentation layer

Answer: B


QUESTION 4
What two routing keys can be used to filter SS7 messages? (Choose two.)

A. DPC
B. DPC [+SSN]
C. IMEI
D. MSISDN
E. IMEISV

Answer: A,B


QUESTION 5
In MGT-based routing, which option is the GT address format of the called party?

A. E.212
B. E.164
C. E.412
D. E.214
E. E.216

Answer: D

Click here to view complete Q&A of 600-210 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Cisco 600-210 Certification, Cisco 600-210 Training at certkingdom.com

Posted in Cisco | Tagged , , , , , , , , | Leave a comment

600-199 SCYBER Securing Cisco Networks with Threat Detection and Analysis

Exam Number 600-199 SCYBER
Associated Certifications Cisco Cybersecurity Specialist
Duration 60 minutes (50 – 60 questions)
Available Languages English
Register Pearson VUE
Exam Policies Read current policies and requirements
Exam Tutorial Review type of exam questions

This exam is aimed at testing the knowledge and skills required to proactively detect and mitigate network security threats by leveraging features that exist in Cisco and other industry network security products today. Designed for professional security analysts, the exam covers essential areas of competency, including event monitoring, security event/alarm/traffic analysis, and incident response.

The following course is the recommended training for this exam.

Securing Cisco Networks with Threat Detection and Analysis
Courses listed are offered by Cisco Learning Partners-the only authorized source for Cisco IT training delivered exclusively by Certified Cisco Instructors. Check the List of Learning Partners for a Cisco Learning Partner nearest you.

Exam Description
The Securing Cisco Networks with Threat Detection and Analysis (SCYBER) exam is the exam associated with the Cisco Cybersecurity Specialist certification. This exam is aimed at testing the knowledge and skills required to proactively detect and mitigate network security threats by leveraging features that exist in Cisco and other industry network security products today. Designed for professional security analysts, the exam covers essential areas of competency including event monitoring, security event/alarm/traffic analysis, and incident response.

Recommended Training
The following course is the recommended training for this exam:

Securing Cisco Networks with Threat Detection and Analysis – (SCYBER)

1.0 Information Gathering and Security Foundations 13%
1.1 Describe basic network topologies, application architecture, and host configuration standards
1.2 Identify the services a network and security operations center offers to an organization
1.3 Describe traditional hacking techniques
1.4 Describe basic operational procedures and incident response processes of a security operations center
1.5 Describe basic network security events
1.6 Describe mission-critical network traffic and functions, applications, services, and device behaviors
1.7 Describe corporate security policies
1.8 Describe the role of a network security analyst
1.9 Describe the primary sources of data on vendor vulnerabilities, current threats, exploits, and active attacks
1.10 Describe how vulnerability, attack, and threat data impact operations
1.11 Describe the baseline of a network profile
1.12 Describe correlation baselines (use NetFlow output to validate normal traffic vs. non-normal)
1.13 Describe security around local business process and infrastructure and applications
1.14 Describe risk analysis mitigation

2.0 Event Monitoring 16%
2.1 Describe the various sources of data and how they relate to network security issues
2.2 Monitor the collection of network data as it relates to network security issues
2.3 Monitor and validate health state and availability of devices
2. Monitor DNS query log output (monitor telemetry data to validate devices)
2.5 Identify a security incident (single or recurrent)
2.6 Describe the best practices for evidence collection and forensic analysis
2.7 Describe the different types and severity of alarms and events

3.0 Security Events and Alarms 16%
3.1 Identify and dismiss false positive indicators correctly
3.2 Describe event correlation within the context of the various alarms and corporate infrastructure architecture
3.3 Assess traffic and events in relation to stated policies
3.4 Identify actionable events
3.5 Identify basic incident types
3.6 Describe event metrics and diagnostic procedures

4.0 Traffic Analysis, Collection, and Correlation 24%
4.1 Describe IP packet structures
4.2 Describe TCP and UDP header information
4.3 Analyze network traces or TCP dumps and trace back to actual activities
4.4 Describe packet analysis in IOS
4.5 Describe access packets in IOS
4.6 Acquire network traces
4.7 Configure packet capture

5.0 Incident Response 16%
5.1 Describe standard corporate incident response procedure and escalation policies
5.2 Identify necessary changes to enhance the existing procedure, policy, and decision tree
5.3 Describe the basic emergency mitigation of high-level threats, exploits, and vulnerabilities
5.4 Evaluate and recommend responses to vulnerabilities to ensure adequate monitoring response and mitigation
5.5 Assist level 2 incident response team to mitigate issues
5.6 Describe best practices for post-event investigation
5.7 Describe common legal and compliance issues in security event handling

6.0 Operational Communications 15%
6.1 Describe the communication vehicles related to post-threat remediation
6.2 Generate incident reports and interpret the information to determine the direction of the escalation
6.3 Describe the different types of available metrics and channel to appropriate personnel
6.4 Process incident handling communications and provide context awareness for stakeholders
6.5 Articulate details of problems to remediating teams (constituent-based groups)
6.6 Maintain awareness regarding vulnerabilities and the recommended critical security patches as a result from incident handling
6.7 Communicate recurring issues based on incident handling and provide recommendations for architectural changes or modifications and articulate
6.8 Describe the post-mortem process


QUESTION 1
Which network management protocol relies on multiple connections between a managed device
and the management station where such connections can be independently initiated by either
side?

A. SSH
B. SNMP
C. Telnet
D. NetFlow

Answer: B

Explanation:


QUESTION 2
When an IDS generates an alert for a correctly detected network attack, what is this event called?

A. false positive
B. true negative
C. true positive
D. false negative

Answer: C

Explanation:


QUESTION 3
When is it recommended to establish a traffic profile baseline for your network?

A. outside of normal production hours
B. during a DDoS attack
C. during normal production hours
D. during monthly file server backup

Answer: C

Explanation:


QUESTION 4
Which two activities would you typically be expected to perform as a Network Security Analyst?
(Choose two.)

A. Verify user login credentials.
B. Troubleshoot firewall performance.
C. Monitor database applications.
D. Create security policies on routers.

Answer: B,D

Explanation:


QUESTION 5
Which protocol is typically considered critical for LAN operation?

A. BGP
B. ARP
C. SMTP
D. GRE

Answer: B

Explanation:

Click here to view complete Q&A of 600-199 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Cisco 600-199 Certification, Cisco 600-199 Training at certkingdom.com

 

Posted in Cisco | Tagged , , , , , , , , | Leave a comment

500-285 SSFIPS Securing Cisco Networks with Sourcefire Intrusion Prevention System (SSFIPS)

Validating Knowledge (not for Cisco Certification)

Advanced Security Architecture Specialization

As a Cisco Advanced Specialized Partner, you’ll be known for having a higher level of technical expertise than most IT partners. You can give customers more advanced solutions for their business needs – whether they’re small businesses, large enterprises, or anything in between.

With this specialization you can:
Extend security capabilities with a broad portfolio of integrated solutions
Access training to gain product expertise and learn how to integrate security across your portfolio
Create a sales pipeline, enhance profitability with Cisco incentives, and participate in the Value Incentive Program
Increase deal size through architecture cross-sell opportunities
Find and sell tested, validated security solutions that come with special pricing when you sell them

You can also take advantage of special discounts, and be recognized in Partner Locator. Stay informed with Announcements.

The Master Security Specialization builds on the Advanced Security Specialization and demonstrates the highest level of expertise with Security solutions. Learn more.


QUESTION 1
What are the two categories of variables that you can configure in Object Management?

A. System Default Variables and FireSIGHT-Specific Variables
B. System Default Variables and Procedural Variables
C. Default Variables and Custom Variables
D. Policy-Specific Variables and Procedural Variables

Answer: C

Explanation:


QUESTION 2
Which option is true regarding the $HOME_NET variable?

A. is a policy-level variable
B. has a default value of “all”
C. defines the network the active policy protects
D. is used by all rules to define the internal network

Answer: C

Explanation:


QUESTION 3
Which option is one of the three methods of updating the IP addresses in Sourcefire Security
Intelligence?

A. subscribe to a URL intelligence feed
B. subscribe to a VRT
C. upload a list that you create
D. automatically upload lists from a network share

Answer: C

Explanation:


QUESTION 4
Which statement is true in regard to the Sourcefire Security Intelligence lists?

A. The global blacklist universally allows all traffic through the managed device.
B. The global whitelist cannot be edited.
C. IP addresses can be added to the global blacklist by clicking on interactive graphs in Context Explorer.
D. The Security Intelligence lists cannot be updated.

Answer: C

Explanation:


QUESTION 5
How do you configure URL filtering?

A. Add blocked URLs to the global blacklist.
B. Create a Security Intelligence object that contains the blocked URLs and add the object to the access control policy.
C. Create an access control rule and, on the URLs tab, select the URLs or URL categories that are to be blocked or allowed.
D. Create a variable.

Answer: C

Explanation:

Click here to view complete Q&A of 500-285 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Cisco 500-285 Certification, Cisco 500-285 Training at certkingdom.com

 

Posted in Cisco | Tagged , , , , , , , , | Leave a comment

500-280 SSFSNORT Securing Cisco Networks with Open Source Snort (SSFSNORT) for Validating Knowledge

QUESTION 1
Which protocol operates below the network layer?

A. UDP
B. ICMP
C. ARP
D. DNS

Answer: C

Explanation:


QUESTION 2
Which area is created between screening devices in an egress/ingress path for housing web, mail,
or DNS servers?

A. EMZ
B. DMZ
C. harbor
D. inlet

Answer: B

Explanation:


QUESTION 3
What does protocol normalization do?

A. compares evaluated packets to normal, daily network-traffic patterns
B. removes any protocol-induced or protocol-allowable ambiguities
C. compares a packet to related traffic from the same session, to determine whether the packet is
out of sequence
D. removes application layer data, whether or not it carries protocol-induced anomalies, so that
packet headers can be inspected more accurately for signs of abuse

Answer: B

Explanation:


QUESTION 4
On which protocol does Snort focus to decode, process, and alert on suspicious network traffic?

A. Apple talk
B. TCP/IP
C. IPX/SPX
D. ICMP

Answer: B

Explanation:


QUESTION 5
Which technique can an intruder use to try to evade detection by a Snort sensor?

A. exceed the maximum number of fragments that a sensor can evaluate
B. split the malicious payload over several fragments to mask the attack signature
C. disable a sensor by exceeding the number of packets that it can fragment before forwarding
D. send more packet fragments than the destination host can reassemble, to disable the host
without regard to any intrusion-detection devices that might be on the network

Answer: B

Explanation:

Click here to view complete Q&A of 500-280 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Cisco 500-280 Certification, Cisco 500-280 Training at certkingdom.com

Posted in Cisco | Tagged , , , , , , , , | Leave a comment

500-275 SSFAMP Securing Cisco Networks with Sourcefire FireAMP Endpoints (SSFAMP)


QUESTION 1
The FireAMP connector monitors the system for which type of activity?

A. vulnerabilities
B. enforcement of usage policies
C. file operations
D. authentication activity

Answer: C

Explanation:


QUESTION 2
Which disposition can be returned in response to a malware cloud lookup?

A. Dirty
B. Virus
C. Malware
D. Infected

Answer: C

Explanation:


QUESTION 3
The FireAMP Mobile endpoint connector currently supports which mobile OS device?

A. Firefox
B. HTML5
C. Android
D. iPhone

Answer: C

Explanation:


QUESTION 4
If a file’s SHA-256 hash is sent to the cloud, but the cloud has never seen the hash before, which
disposition is returned?

A. Clean
B. Neutral
C. Malware
D. Unavailable

Answer: B

Explanation:


QUESTION 5
Which statement describes an advantage of the FireAMP product?

A. Signatures are pushed to endpoints more quickly than other antivirus products.
B. Superior detection algorithms on the endpoint limit the amount of work the cloud must perform.
C. It provides enterprise visibility.
D. It relies on sandboxing.

Answer: C

Explanation:

 

Click here to view complete Q&A of 500-275 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Cisco 500-275 Certification, Cisco 500-275 Training at certkingdom.com

Posted in Cisco | Tagged , , , , , , , , | Leave a comment

500-254 ISE Implementing and Configuring Cisco Identity Services Engine

Exam Number 500-254 ISE
Duration 65 minutes (50-60 questions)
Available Languages English
Register Pearson VUE
Exam Policies Read current policies and requirements
Exam Tutorial Review type of exam questions

The Implementing and Configuring Identity Services Engine (ISE) (500-254) exam tests a candidate’s knowledge on how to setup, configure, and implement Cisco ISE services to authenticate and authorize users before allowing access to the network. Topics covered include implementing 802.1X authentication, MAC Authentication Bypass, Web Authentication, ISE profiling, guest, posture services, and creating high-level-design document.

The exam is closed book and no outside reference materials are allowed. The following topics are general guidelines for the content that is likely to be included on the practical exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the following guidelines may change at any time without notice.

6% 1.0 Building a Network Design for the ISE Platform
1.1 Introducing the TrustSec Solution and ISE Platform Architecture

24% 2.0 Deploying the Cisco Identity Services Engine
2.1 Installing the ISE Software
2.2 Integrating the ISE into Microsoft Active Directory
2.3 Configuring The ISE for Redundancy and Scaling

47% 3.0 Implementing Classification and Policy Enforcement
3.1 Configuring the ISE for MAC Address Bypass (MAB)
3.2 Configuring the ISE for wired and wireless 802.1X authentication

3.3 Deploying VPN-based services using the Cisco ASA and Inline Posture
3.4 Configuring web authentication using the ISE
3.5 Using the ISE for policy enforcement

18% 4.0 Configuring and verifying Profiling, Posturing, and Guest Services
4.1 Configuring ISE profiling services
4.2 Configuring ISE posture services
4.3 Configuring ISE guest services

4% 5.0 TrustSec Fundamentals Collapse
5.1 Introducing TrustSec fundamentals

1% 6.0 Creating a Low-Level Design for the ISE Collapse
6.1 Creating a high-level and low-level design for the ISE


QUESTION 1
Which two elements must you configure on a Cisco Wireless LAN Controller to allow Cisco ISE to
authenticate wireless users? (Choose two.)

A. Configure Cisco ISE as a RADIUS authentication server and enter a shared secret.
B. Configure Cisco ISE as a RADIUS accounting server and enter a shared secret.
C. Configure all attached LWAPs to use the configured Cisco ISE node.
D. Configure RADIUS attributes for each SSID.
E. Configure each WLAN to use the configured Cisco ISE node.
F. Configure the Cisco Wireless LAN Controller to join a Microsoft Active Directory domain.

Answer: A,E

Explanation:


QUESTION 2
Which three Cisco TrustSec enforcement modes are used to help protect network operations
when securing the network? (Choose three.)

A. logging mode
B. monitor mode
C. semi-passive mode
D. low-impact mode
E. closed mode

Answer: B,D,E

Explanation:


QUESTION 3
Which statement is correct about Change of Authorization?

A. Change of Authorization is a fundamental component of Cisco TrustSec and Cisco ISE.
B. Change of Authorization can be triggered dynamically based on a matched condition in a
policy, and manually by being invoked by an administrator operation.
C. It is possible to trigger Change of Authorization manually from the ISE interface.
D. Authentication is the supported Change of Authorization action type.

Answer: D

Explanation:


QUESTION 4
The default Cisco ISE node configuration has which role or roles enabled by default?

A. Administration only
B. Inline Posture only
C. Administration and Policy Service
D. Policy Service, Monitoring, and Administration

Answer: D

Explanation:


QUESTION 5
Inline Posture nodes support which enforcement mechanisms?

A. VLAN assignment
B. downloadable ACLs
C. security group access
D. dynamic ACLs

Answer: B

Explanation:

 

Click here to view complete Q&A of 500-254 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Cisco 500-254 Certification, Cisco 500-254 Training at certkingdom.com

Posted in Cisco | Tagged , , , , , , , , | Leave a comment

New JavaScript spam wave distributes Locky ransomware

European countries are the most affected, but the U.S. and Canada have also been hit

Over the past week, computers throughout Europe and other places have been hit by a massive email spam campaign carrying malicious JavaScript attachments that install the Locky ransomware program.

Antivirus firm ESET has observed a spike in detections of JS/Danger.ScriptAttachment, a malware downloader written in JavaScript that started on May 22 and peaked on May 25.

Many countries in Europe have been affected, with the highest detection rates being observed in Luxembourg (67 percent), the Czech Republic (60 percent), Austria (57 percent), the Netherlands (54 percent) and the U.K. (51 percent). The company’s telemetry data also showed significant detection rates for this threat in Canada and the U.S.

JS/Danger.ScriptAttachment can download various malware programs, but recently it has been used to primarily distribute Locky, a widespread, malicious program that uses strong encryption to hold users’ files hostage.

While Locky doesn’t have any known flaws that would allow users to decrypt their files for free, security researchers from Bitdefender have developed a free tool that can prevent Locky infections in the first place. The tool makes the computer appear as if it’s already infected by Locky by adding certain harmless flags, which tricks the malware into skipping it.

The use of JavaScript-based attachments to distribute Locky began earlier this year, prompting Microsoft to post an alert about it in April.

The attachments are usually .zip archive files that contain .js or .jse files inside. These files with will execute directly on Windows without the need for additional applications.

However, it is very uncommon for people to send legitimate applications written in JavaScript via email, so users should avoid opening this kind of file.

 

Click here to view complete Q&A of 400-351 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Cisco 400-351 Certification, Cisco 400-351 Training at certkingdom.com

 

Posted in Tech | Tagged , , , , , , , , | Leave a comment

500-171 FPIMPADM Implementing and Administering the FlexPod Solution (FPIMPADM)

Prerequisites
No pre-requisites for this course

Course Content
This course is a three-day ILT training program that is designed for system and network engineers and administrators implementing and administering FlexPod solutions. This course covers key implementation procedures, management and basic troubleshooting tasks on the Cisco Nexus 5548UP, Cisco UCS and NetApp storage. Upon completing this course, the learner will be able to meet these overall objectives: – Identify the architecture, features and components of FlexPod – Describe implementation parameters for Components including Cisco Nexus 5500 switches, Cisco UCS and NetApp clustered Data ONTAP – Describe FlexPod management tools

Course Outline
FlexPod Overview – Lab 1-1: Understanding Connectivity in the FlexPod Environment FlexPod Networking – Lab 2-1: Cisco Nexus 5548 LAN Deployment – Lab 2-2 Cisco Nexus 5548 SAN Deployment FlexPod Storage Lab 3-1: NetApp Cluster Setup Lab 3-2: Assign VLAN Tags to NetApp ifgrps – Lab 3-3: Create Vservers to Serve Fibre Channel and NFS FlexPod Compute Lab 4-1: Configure Cisco UCS B-Series – Lab 4-2: Install ESXi 5.1 to a Boot LUN FlexPod Virtualization Lab 5-1: Connect vCenter to ESXi Server FlexPod Management and Troubleshooting Tools – Lab 6-2: Install Microsoft Hyper-V

Who Should Attend
The primary audience for this course is as follows: – Network engineers, Network administrators, Field Engineers The secondary audience for this course is as follows: – System Engineers, Consulting System Engineers and Server Administrators


QUESTION 1
Which three are true for UCS 2208XP? (Choose three)

A. Works with FI 6120 and FI 6296
B. Supports FCoE
C. Supports native FC
D. Has 32 10Gb ports to each half-width slot in the chassis
E. Supports 4 port port-channel toward FI 6140
F. Connects to both Fabric Interconnects for high availability

Answer: A,B,D

Explanation:


QUESTION 2
Which two are required for single-wire management for Cisco UCS C-Series? (Choose two)

A. UCS Manager 2.1 or higher
B. VIC 1240
C. Redundant Nexus 2232PP FEX
D. 10 GB LOM
E. FI 6200 family only
F. VIC 1225

Answer: A,F

Explanation:


QUESTION 3
Which policy detail should be set if you want a server to be exempt from all power capping?

A. Create a Power Control Policy and set Power Capping to No Cap
B. Create a Power Control Policy select cap and set the priority to 1
C. Create a Power Group with the appropriate chassis and set the Group Budget Power Cap (W) to 0.
D. The UCS Power Cap feature should not be utilized in a FlexPod environment.

Answer: A

Explanation:


QUESTION 4
Which two are correct about VSAN configuration within UCS Manager? (Choose two)

A. VSAN ID and FCoE VLAN ID have to match
B. VSAN can be configured as fabric interconnect specific
C. We can delete VSAN 1
D. VSAN IDs 3840-4079 are not available regardless of the Fabric Interconnect mode
E. VSAN can be configured as a global parameter
F. In addition to SAN tab, VSANs can be configured under UCSM Server tab as well

Answer: B,E

Explanation:


QUESTION 5
Which two are true about Fabric Interconnect L1 and L2 ports in cluster mode? (Choose two)

A. Fabric Interconnects connected via L1/L2 have to be the same model except during the upgrade
B. Ports are primarily used for management traffic, but can be used for data traffic as well
C. Fabric Interconnect ports L1 and L2 are 10 Gb links
D. Ports can only run as a port channel
E. Ports can only run as individual links
F. Ports can run as a port channel or as individual links

Answer: A,D

Explanation:

Click here to view complete Q&A of 500-171 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Cisco 500-171 Certification, Cisco 500-171 Training at certkingdom.com

Posted in Cisco | Tagged , , , , , , , , | Leave a comment

500-170 FPDESGN

Exam Number 500-170 FPDESGN
Associated Certifications Cisco and NetApp FlexPod Design Specialist
Duration 60 Minutes (45 – 55 questions)
Available Languages English
Register Pearson VUE

The 500-170 FlexPod Design exam is the exam that will test System Engineers on their knowledge of FlexPod solution. This exam tests a candidate’s knowledge of tools and standards for assessing computing solution performance characteristics and requirements. In addition this exam will test a candidate’s knowledge of hardware components associated with the FlexPod Solution and the process for selecting proper hardware for a given set of requirements.

The FlexPod Design (FPDESGN) (500-170) exam is a 60-minute, 45-55 question exam that tests system engineers on their knowledge of the FlexPod solution. This exam tests a candidate’s knowledge of the tools and standards for assessing computing solution performance characteristics and requirements. In addition, this exam will test a candidate’s knowledge of the hardware components associated with the FlexPod solution and the process for selecting proper hardware for a given set of requirements.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

1.0 Compute 22%
1.1 Hardware components
1.2 Configuration
1.3 High availability
1.4 SAN boot
1.5 Cisco UCS manager

2.0 Networking 18%
2.1 Hardware components
2.2 Configuration
2.3 SAN boot
2.4 High availability

3.0 Storage 16%
3.1 Hardware components
3.2 Configuration
3.3 SAN boot
3.4 High availability

4.0 Virtualization 28%
4.1 Hypervisor solutions
4.2 SAN boot

5.0 Management and Orchestration Tools 16%
5.1 Management tools
5.2 Design tools


QUESTION 1
What is the maximum aggregate traffic available to a half-width UCS B-Series blade in a 5108
Chassis with two 2208XP Fabric Extenders, Cisco VIC 1240 adapter, and Cisco Port Expander
Card for VIC 1240?

A. 40 Gb
B. 80 Gb
C. 120 Gb
D. 320 Gb

Answer: B

Explanation:


QUESTION 2
Which four are components of Cisco UCS stateless computing? (Choose four)

A. Utilization of service profiles to apply parameter settings from server hardware
B. Elements of a server’s personality, which may be included in a service profile, include firmware
versions, UUID, MAC Addresses, World Wide Names, and boot settings.
C. A one to one mapping of an application to a server
D. Boot from SAN
E. Every physical server in a Cisco UCS instance should remain anonymous until you associate a
service profile with it
F. A one to one mapping to the identity information burned into the hardware (mac addresses,
etc).

Answer: A,B,D,E

Explanation:


QUESTION 3
Which connectivity mode for Cisco UCS C-Series Rack-Mount Server management is supported
beginning with Cisco UCS Manager release version 2.1 and above?

A. Dual-wire Management
B. Single-wire Management
C. Quad-wire Management
D. Side Frame management

Answer: B

Explanation:


QUESTION 4
Which feature is supported for virtual machines configured with Direct Path I/O using Cisco Virtual
Machine Fabric Extender (VM-FEX) distributed switches?

A. vMotion
B. Record and Play
C. Fault tolerance
D. Unlimited DVS creation per Cisco UCS domain

Answer: A

Explanation:


QUESTION 5
Which four VLANs can be configured on UCS platform? (Choose four)

A. 1
B. 199
C. 1001
D. 3968
E. 4001
F. 4047
G. 4090
H. 4096

Answer: A,B,C,G

Explanation:

Click here to view complete Q&A of 500-170 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Cisco 500-170 Certification, Cisco 500-170 Training at certkingdom.com

 

Posted in Cisco | Tagged , , , , , , , , | Leave a comment

400-351 CCIE Wireless Exam Topics v3.0 and Topics v3.1

400-351 CCIE Wireless Exam Topics v3.0 and Topics v3.1

Exam Number 400-351
Associated Certifications CCIE Wireless
Duration 120 minutes (90 – 110 questions)
Available Languages English
Register Pearson VUE
Exam Policies Read current policies and requirements
Exam Tutorial Review type of exam questions

The Cisco CCIE Wireless Written Exam is a 2-hour test that will validate that a wireless engineer has the expertise to plan, design, implement, operate, and troubleshoot complex enterprise WLAN networks.

Written Exam Topics v3.0 (Recommended for candidates scheduled to take the test BEFORE July 25, 2016)

Written Exam Topics v3.1 (Recommended for candidates scheduled to take the test ON July 25, 2016 and beyond)

The Cisco CCIE® Wireless Written Exam (#400-351) is a 2-hour test with 90–110 questions that will validate that a wireless engineer has the expertise to plan, design, implement, operate and troubleshoot complex enterprise WLAN networks.

The exam is closed book and no outside reference materials are allowed. The following topics are general guidelines for the content that is likely to be included on the lab exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the following guidelines may change at any time without notice.

Written Exam Topics v3.0 (Recommended for candidates who are scheduled to take the exam BEFORE July 25, 2016)

1.0 Planning & Designing WLAN Technologies 24%

1.1 Describe WLAN organizations and regulations

1.2 Describe IEEE 802.11 standards and protocols

1.3 Plan & design wireless solutions requirements

1.3.a Translate customer requirements into services and design recommendations
1.3.b Identify ambiguity and/or information gaps
1.3.c Evaluate interoperability of proposed technologies against deployed IP network infrastructure & technologies
1.3.d Select an appropriate deployment model
1.3.e Regulatory domains and country codes

1.4 RF planning, designing and validation

1.4.a RF Design / Site survey
1.4.a [i] Define the tasks/goals for a preliminary site survey
1.4.a [ii] Conduct the site survey
1.4.a [iii] Determine AP quantity, placement and antenna type
1.4.b Architect indoor and outdoor RF deployments
1.4.b [i] Coverage
1.4.b [ii] Throughput
1.4.b [iii] Voice
1.4.b [iv] Location
1.4.b [v] HD
1.4.c Construct an RF operational model that includes:
1.4.c [i] Radio resource management (Auto-RF, manual, hybrid, TPC and DCA)
1.4.c [ii] Channel use (radar, non-WiFi interference)
1.4.c [iii] Power level, overlap
1.4.c [iv] RF profiles
1.4.d Validate implemented RF deployment

2.0 Configure and Troubleshoot the Network Infrastructure 10%

2.1 Configure and troubleshoot wired infrastructure to support WLANs

2.1.a VLANs
2.1.b VTP
2.1.c STP
2.1.d Etherchannel
2.1.e HSRP
2.1.f VSS
2.1.g Stacking

2.2 Plan network infrastructure capacity

2.3 Configure and troubleshoot network connectivity for:

2.3.a WLAN clients
2.3.b WLCs
2.3.c Lightweight APs
2.3.d Autonomous APs

2.4 Configure and troubleshoot PoE for APs

2.5 Configure and troubleshoot QoS on the switching infrastructure

2.5.a MQC
2.5.b Mls qos

2.6 Configure and troubleshoot multicast on the switching infrastructure

2.6.a PIM-SM
2.6.b Auto-RP
2.6.c Static-RP
2.6.d IGMP
2.6.e IGMP snooping
2.6.f MLD

2.7 Configure and troubleshoot IPv4 connectivity

2.7.a Subnetting
2.7.b Static routing
2.7.c Basic OSPF
2.7.d Basic EIGRP

2.8 Configure and troubleshoot basic IPv6 connectivity

2.8.a Subnetting
2.8.b Static routing
2.8.c Basic OSPFv3
2.8.d Basic EIGRP address families

2.9 Configure and troubleshoot wired security

2.9.a ACLs (v4/v6)
2.9.b dot1X
2.9.c Port-security
2.9.d SXP, SGT

2.10 Configure and troubleshoot network services

2.10.a DNS
2.10.b DHCPv4 / DHCPv6
2.10.c NTP, SNTP
2.10.d SYSLOG
2.10.e SNMP
2.10.f CDP, LLDP
2.10.g SDG. mDNS

3.0 Configure and Troubleshoot an Autonomous Deployment Model 10%

3.1 Configuring and troubleshooting different modes and roles

3.1.a Root
3.1.b WGB
3.1.c Bridge

3.2 Configuring and troubleshooting SSID/MBSSID

3.3 Configuring and troubleshooting security

3.3.a L2 security policies
3.3.b Association filters
3.3.c PSPF
3.3.d Local radius
3.3.e dot1x profiles
3.3.f Guest

3.4 Configuring and troubleshooting radio settings

3.5 Configuring and troubleshooting multicast

3.6 Configuring and troubleshooting QoS

4.0 Configure and Troubleshoot a Unified Deployment Model (Centralized) 20%

4.1 Configuring and controlling management access

4.2 Configuring and troubleshooting interfaces

4.3 Configuring and troubleshooting lightweight APs

4.3.a dot1x
4.3.b LSC
4.3.c AP modes
4.3.d AP authentication / authorization
4.3.e Logging
4.3.f Local / global configuration

4.4 Configuring and troubleshooting high availability and redundancy

4.4.a Clients
4.4.b APs
4.4.c WLCs

4.5 Configuring and troubleshooting wireless segmentation

4.5.a RF profiles
4.5.b AP groups
4.5.c Flexconnect

4.6 Configuring and troubleshooting wireless security policies

4.6.a WLANs
4.6.b L2/L3 security
4.6.c Rogue policies
4.6.d Local EAP
4.6.e Local profiling
4.6.f ACLs
4.6.g Certificates

4.7 Configuring and troubleshooting Flexconnect and Office Extend

4.8 Configuring and troubleshooting Mesh

4.9 Implement RF management

4.9.a Static RF management
4.9.b Automatic RF management
4.9.c CleanAir
4.9.d Data rates

4.10 Configuring and troubleshooting WLC control plane security

4.10.a AAA
4.10.b CPU ACLs
4.10.c Management via wireless interface
4.10.d Management via dynamic interface

4.11 Configuring and troubleshooting mobility

4.11.a L2/L3 roaming
4.11.b Multicast optimization
4.11.c Mobility group scaling
4.11.d Inter-release controller mobility
4.11.e New mobility
4.11.f Mobility anchoring

4.12 Configuring and troubleshooting multicast

5.0 Configure and Troubleshoot a Unified Deployment Model (Converged) 14%

5.1 Configuring and controlling management access

5.2 Configuring and troubleshooting Interfaces

5.3 Configuring and troubleshooting lightweight APs

5.3.a dot1x
5.3.b AP authentication / authorization
5.3.c Logging
5.3.d Local / global configuration

5.4 Configuring and troubleshooting high availability and redundancy

5.4.a Clients
5.4.b APs
5.4.c WLCs

5.5 Configuring and troubleshooting wireless segmentation

5.5.a RF profiles
5.5.b AP groups

5.6 Configuring and Troubleshooting wireless security policies

5.6.a WLANs
5.6.b L2/L3 security
5.6.c Rogue policies
5.6.d Local EAP
5.6.e ACLs
5.6.f Certificates

5.7 Implement RF management

5.7.a Static RF management
5.7.b Automatic RF management
5.7.c CleanAir
5.7.d Data rates

5.8 Configuring and troubleshooting WLC control plane security

5.8.a AAA
5.8.b Basic control plane policing

5.9 Configuring and troubleshooting mobility

5.9.a L2/L3 roaming
5.9.b Multicast optimization
5.9.c Mobility group scaling
5.9.d Inter-release controller mobility
5.9.e Mobility anchoring
5.9.f SPG
5.9.g MC/MA

5.10 Configuring and troubleshooting multicast

6.0 Configure and Troubleshoot Security & Identity Management 12%

6.1 Configure and troubleshoot identity management

6.1.a Basic PKI for dot1x and webauth
6.1.b External identity sources (AD, LDAP)

6.2 Configure and troubleshoot AAA policies

6.2.a Client authentication and authorization
6.2.b Management authentication and authorization
6.2.c Client profiling and provisioning
6.2.d RADIUS attributes
6.2.e CoA

6.3 Configure and troubleshoot guest management

6.3.a Local web authentication
6.3.b Central web authentication
6.3.c Basic sponsor policy

7.0 Configure and Troubleshoot Prime Infrastructure and MSE 10%

7.1 Configure and troubleshoot management access

7.1.a AAA
7.1.b Virtual domain

7.2 Perform basic operations

7.2.a Create and deploy templates
7.2.b Operate maps
7.2.c Import infrastructure devices
7.2.d High availability
7.2.e Audits
7.2.f Client troubleshooting
7.2.g Notification receivers
7.2.h Reports

7.3 Perform maintenance operations

7.3.a Background tasks
7.3.b SW image management

7.4 Security management

7.4.a Understand rogue management
7.4.b Manage alarms and events
7.4.c Understand security index

7.5 Implement and troubleshoot MSE

7.5.a Management access
7.5.b Network services
7.5.b [i] Location
7.5.b [ii] CMX
7.5.b [iii] CleanAir
7.5.b [iv] WIPS
7.5.c NMSP

7.6 Integrate ISE

7.7 Integrate netflow

8.0 Configure and Troubleshoot WLAN media and application services 10%

8.1 Configure and troubleshoot voice over wireless

8.1.a QoS profiles
8.1.b EDCA
8.1.c WMM
8.1.d BDRL
8.1.e Admission control
8.1.f MQC

8.2 Configuring and troubleshooting video and media

8.2.a Mediastream
8.2.b Multicast-direct
8.2.c Admission control

8.3 Configuring and troubleshooting mDNS

8.3.a mDNS proxy
8.3.b Service discovery
8.3.c Service filtering

8.4 Configuring and troubleshooting AVC and netflow
CCIE Wireless Written Exam (400-351) Version 3.1

Exam Description
The Cisco CCIE® Wireless Written Exam (400-351) version 3.1 is a 2-hour test with 90–110 questions that will validate that a wireless engineer has the expertise to plan, design, implement, operate and troubleshoot complex enterprise WLAN networks.

The exam is closed book and no outside reference materials are allowed. The following topics are general guidelines for the content that is likely to be included on the lab exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the following guidelines may change at any time without notice.

Written Exam Topics v3.1 (Recommended for candidates who are scheduled to take the exam ON July 25, 2016 and beyond)

1.0 Planning & Designing WLAN Technologies 11%

1.1 Describe WLAN organizations and regulations

1.2 Describe IEEE 802.11 standards and protocols

1.3 Plan & design wireless solutions requirements

1.3.a Translate customer requirements into services and design recommendations
1.3.b Identify ambiguity and/or information gaps
1.3.c Evaluate interoperability of proposed technologies against deployed IP network infrastructure & technologies
1.3.d Select an appropriate deployment model
1.3.e Regulatory domains and country codes

1.4 RF planning, designing and validation

1.4.a RF Design / Site survey
1.4.a [i] Define the tasks/goals for a preliminary site survey
1.4.a [ii] Conduct the site survey
1.4.a [iii] Determine AP quantity, placement and antenna type
1.4.b Architect indoor and outdoor RF deployments
1.4.b [i] Coverage
1.4.b [ii] Throughput
1.4.b [iii] Voice
1.4.b [iv] Location
1.4.b [v] HD
1.4.c Construct an RF operational model that includes:
1.4.c [i] Radio resource management (Auto-RF, manual, hybrid, TPC and DCA)
1.4.c [ii] Channel use (radar, non-WiFi interference)
1.4.c [iii] Power level, overlap
1.4.c [iv] RF profiles
1.4.d Validate implemented RF deployment

2.0 Configure and Troubleshoot the Network Infrastructure 10%

2.1 Configure and troubleshoot wired infrastructure to support WLANs

2.1.a VLANs
2.1.b VTP
2.1.c STP
2.1.d Etherchannel
2.1.e HSRP
2.1.f VSS
2.1.g Stacking

2.2 Plan network infrastructure capacity

2.3 Configure and troubleshoot network connectivity for:

2.3.a WLAN clients
2.3.b WLCs
2.3.c Lightweight APs
2.3.d Autonomous APs

2.4 Configure and troubleshoot PoE for APs

2.5 Configure and troubleshoot QoS on the switching infrastructure

2.5.a MQC
2.5.b Mls qos

2.6 Configure and troubleshoot multicast on the switching infrastructure

2.6.a PIM-SM
2.6.b Auto-RP
2.6.c Static-RP
2.6.d IGMP
2.6.e IGMP snooping
2.6.f MLD

2.7 Configure and troubleshoot IPv4 connectivity

2.7.a Subnetting
2.7.b Static routing
2.7.c Basic OSPF
2.7.d Basic EIGRP

2.8 Configure and troubleshoot basic IPv6 connectivity

2.8.a Subnetting
2.8.b Static routing
2.8.c Basic OSPFv3
2.8.d Basic EIGRP address families

2.9 Configure and troubleshoot wired security

2.9.a ACLs (v4/v6)
2.9.b dot1X
2.9.c Port-security
2.9.d SXP, SGT

2.10 Configure and troubleshoot network services

2.10.a DNS
2.10.b DHCPv4 / DHCPv6
2.10.c NTP, SNTP
2.10.d SYSLOG
2.10.e SNMP
2.10.f CDP, LLDP
2.10.g SDG. mDNS

3.0 Configure and Troubleshoot an Autonomous Deployment Model 10%

3.1 Configuring and troubleshooting different modes and roles

3.1.a Root
3.1.b WGB
3.1.c Bridge

3.2 Configuring and troubleshooting SSID/MBSSID

3.3 Configuring and troubleshooting security

3.3.a L2 security policies
3.3.b Association filters
3.3.c PSPF
3.3.d Local radius
3.3.e dot1x profiles
3.3.f Guest

3.4 Configuring and troubleshooting radio settings

3.5 Configuring and troubleshooting multicast

3.6 Configuring and troubleshooting QoS

4.0 Configure and Troubleshoot a Unified Deployment Model (Centralized) 18%

4.1 Configuring and controlling management access

4.2 Configuring and troubleshooting interfaces

4.3 Configuring and troubleshooting lightweight APs

4.3.a dot1x
4.3.b LSC
4.3.c AP modes
4.3.d AP authentication / authorization
4.3.e Logging
4.3.f Local / global configuration

4.4 Configuring and troubleshooting high availability and redundancy

4.4.a Clients
4.4.b APs
4.4.c WLCs

4.5 Configuring and troubleshooting wireless segmentation

4.5.a RF profiles
4.5.b AP groups
4.5.c Flexconnect

4.6 Configuring and troubleshooting wireless security policies

4.6.a WLANs
4.6.b L2/L3 security
4.6.c Rogue policies
4.6.d Local EAP
4.6.e Local profiling
4.6.f ACLs
4.6.g Certificates

4.7 Configuring and troubleshooting Flexconnect and Office Extend

4.8 Configuring and troubleshooting Mesh

4.9 Implement RF management

4.9.a Static RF management
4.9.b Automatic RF management
4.9.c CleanAir
4.9.d Data rates

4.10 Configuring and troubleshooting WLC control plane security

4.10.a AAA
4.10.b CPU ACLs
4.10.c Management via wireless interface
4.10.d Management via dynamic interface

4.11 Configuring and troubleshooting mobility

4.11.a L2/L3 roaming
4.11.b Multicast optimization
4.11.c Mobility group scaling
4.11.d Inter-release controller mobility
4.11.e New mobility
4.11.f Mobility anchoring

4.12 Configuring and troubleshooting multicast

5.0 Configure and Troubleshoot a Unified Deployment Model (Converged) 11%

5.1 Configuring and controlling management access

5.2 Configuring and troubleshooting Interfaces

5.3 Configuring and troubleshooting lightweight APs

5.3.a dot1x
5.3.b AP authentication / authorization
5.3.c Logging
5.3.d Local / global configuration

5.4 Configuring and troubleshooting high availability and redundancy

5.4.a Clients
5.4.b APs
5.4.c WLCs

5.5 Configuring and troubleshooting wireless segmentation

5.5.a RF profiles
5.5.b AP groups

5.6 Configuring and Troubleshooting wireless security policies

5.6.a WLANs
5.6.b L2/L3 security
5.6.c Rogue policies
5.6.d Local EAP
5.6.e ACLs
5.6.f Certificates

5.7 Implement RF management

5.7.a Static RF management
5.7.b Automatic RF management
5.7.c CleanAir
5.7.d Data rates

5.8 Configuring and troubleshooting WLC control plane security

5.8.a AAA
5.8.b Basic control plane policing

5.9 Configuring and troubleshooting mobility

5.9.a L2/L3 roaming
5.9.b Multicast optimization
5.9.c Mobility group scaling
5.9.d Inter-release controller mobility
5.9.e Mobility anchoring
5.9.f SPG
5.9.g MC/MA

5.10 Configuring and troubleshooting multicast

6.0 Configure and Troubleshoot Security & Identity Management 10%

6.1 Configure and troubleshoot identity management

6.1.a Basic PKI for dot1x and webauth
6.1.b External identity sources (AD, LDAP)

6.2 Configure and troubleshoot AAA policies

6.2.a Client authentication and authorization
6.2.b Management authentication and authorization
6.2.c Client profiling and provisioning
6.2.d RADIUS attributes
6.2.e CoA

6.3 Configure and troubleshoot guest management

6.3.a Local web authentication
6.3.b Central web authentication
6.3.c Basic sponsor policy

7.0 Configure and Troubleshoot Prime Infrastructure and MSE 10%

7.1 Configure and troubleshoot management access

7.1.a AAA
7.1.b Virtual domain

7.2 Perform basic operations

7.2.a Create and deploy templates
7.2.b Operate maps
7.2.c Import infrastructure devices
7.2.d High availability
7.2.e Audits
7.2.f Client troubleshooting
7.2.g Notification receivers
7.2.h Reports

7.3 Perform maintenance operations

7.3.a Background tasks
7.3.b SW image management

7.4 Security management

7.4.a Understand rogue management
7.4.b Manage alarms and events
7.4.c Understand security index

7.5 Implement and troubleshoot MSE

7.5.a Management access
7.5.b Network services
7.5.b [i] Location
7.5.b [ii] CMX
7.5.b [iii] CleanAir
7.5.b [iv] WIPS
7.5.c NMSP

7.6 Integrate ISE

7.7 Integrate netflow

8.0 Configure and Troubleshoot WLAN media and application services 10%

8.1 Configure and troubleshoot voice over wireless

8.1.a QoS profiles
8.1.b EDCA
8.1.c WMM
8.1.d BDRL
8.1.e Admission control
8.1.f MQC

8.2 Configuring and troubleshooting video and media

8.2.a Mediastream
8.2.b Multicast-direct
8.2.c Admission control

8.3 Configuring and troubleshooting mDNS

8.3.a mDNS proxy
8.3.b Service discovery
8.3.c Service filtering

8.4 Configuring and troubleshooting AVC and netflow

9.0 Evolving Technologies 10%

9.1 Cloud

9.1.a Compare and contrast Cloud deployment models
9.1.a [i] Infrastructure, platform, and software services (XaaS)
9.1.a [ii] Performance and reliability
9.1.a [iii] Security and privacy
9.1.a [iv] Scalability and interoperability
9.1.b Describe Cloud implementations and operations
9.1.b [i] Automation and orchestration
9.1.b [ii] Workload mobility
9.1.b [iii] Troubleshooting and management
9.1.b [iv] OpenStack components

9.2 Network programmability [SDN]

9.2.a Describe functional elements of network programmability (SDN) and how they interact
9.2.a [i] Controllers
9.2.a [ii] APIs
9.2.a [iii] Scripting
9.2.a [iv] Agents
9.2.a [v] Northbound vs. Southbound protocols
9.2.b Describe aspects of virtualization and automation in network environments
9.2.b [i] DevOps methodologies, tools and workflows
9.2.b [ii] Network/application function virtualization (NFV, AFV)
9.2.b [iii] Service function chaining
9.2.b [iv] Performance, availability, and scaling considerations

9.3 Internet of Things

9.3.a Describe architectural framework and deployment considerations for Internet of Things (IoT)
9.3.a [i] Performance, reliability and scalability
9.3.a [ii] Mobility
9.3.a [iii] Security and privacy
9.3.a [iv] Standards and compliance
9.3.a [v] Migration
9.3.a [vi] Environmental impacts on the network

Click here to view complete Q&A of 400-351 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Cisco 400-351 Certification, Cisco 400-351 Training at certkingdom.com

Posted in CCIE | Tagged , , , , , , , , | Leave a comment

400-201 CCIE SP CCIE Service Provider Exam Topics v4.0, Topics v4.1

Exam Number 400-201 CCIE SP
Associated Certifications CCIE Service Provider
Duration 120 minutes (90 – 110 questions)
Available Languages English
Register Pearson VUE
Exam Policies Read current policies and requirements
Exam Tutorial Review type of exam questions

The Cisco CCIE Service Provider Written Exam (400-201) version 4.0 is a two-hour test with 90-110 questions that validate professionals who have the expertise to design, implement, diagnose, and troubleshoot complex Service Provider highly available network infrastructure and services based on dual stack solutions (IPv4 and IPv6); understand how the network and service components interoperate; and understand the functional requirements and translate into specific device configurations.

Written Exam Topics v4.0 (Recommended for candidates scheduled to take the test BEFORE July 25, 2016)

Written Exam Topics v4.1 (Recommended for candidates scheduled to take the test ON July 25, 2016 and beyond)

Exam Description
The Cisco CCIE® Service Provider Written Exam (400-201) version 4.0 is a two-hour test with 90−110 questions that validate professionals who have the expertise to design, implement, diagnose, and troubleshoot complex Service Provider highly available network infrastructure and services based on dual stack solutions (IPv4 and IPv6); understand how the network and service components interoperate; and understand the functional requirements and translate into specific device configurations. The exam is closed book and no outside reference materials are allowed.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

CCIE Service Provider Written Exam Topics v4.0 (Recommended for candidates who are scheduled to take the exam BEFORE July 25, 2016)

1.0 Service Provider Architecture and Evolution 10%

1.1 Service Provider Architecture Concepts

1.1.a Describe network architecture component and Service Provider network domain, for example, PE, P, CE, Metro Ethernet Core, and Aggregation
1.1.b Describe platform architecture components, for example, RP, Line Cards, and Fabric Crossbar
1.1.c Describe Cisco IOS-XR Software architecture components, for example, System Manager and XR Kernel

1.2 Virtualization Concepts

1.2.a Describe basic physical router virtualization, for example, SDR and nV
1.2.b Describe basic network function virtualization, for example, XRv/CSR1000v

1.3 Mobility Concepts

1.3.a Describe basic Service Provider network mobility infrastructure, for example, RAN, Backhaul, and Core

2.0 Core Routing 23%

2.1 Interior Gateway Protocol (IGP)

2.1.a Describe, implement, and troubleshoot IS-IS
2.1.b Describe, implement, and troubleshoot OSPFv2 and OSPFv3
2.1.c Describe and optimize IGP scale and performance

2.2 Border Gateway Protocol (BGP)

2.2.a Describe, implement, and troubleshoot IBGP, EBGP, and MP-BGP
2.2.b Describe, implement, and troubleshoot BGP route policy enforcement
2.2.c Describe BGP path attribute
2.2.d Describe and optimize BGP scale and performance
2.2.e Describe, implement, and troubleshoot advanced BGP features, for example, add-path and BGP LS

2.3 Multiprotocol Label Switching (MPLS)

2.3.a Describe MPLS forwarding and control plane mechanisms
2.3.b Describe, implement, and troubleshoot LDP
2.3.c Describe and optimize LDP scale and performance

2.4 MPLS Traffic Engineering

2.4.a Describe, implement, and troubleshoot RSVP
2.4.b Describe, implement, and troubleshoot ISIS and OSPF extensions
2.4.c Describe, implement, and troubleshoot MPLS TE policy enforcement
2.4.d Describe MPLS TE attributes
2.4.e Describe and optimize MPLS TE scale and performance
2.4.f Describe MPLS advanced features, for example, Segment Routing, G-MPLS, MPLS-TP, and MPLS-TE Inter-AS

2.5 Multicast

2.5.a Describe, implement, and troubleshoot PIM (PIM-SM, PIM-SSM, and PIM-BIDIR)
2.5.b Describe, implement, and troubleshoot RP (Auto-RP, BSR, Static, Anycast RP, and MSDP)
2.5.c Describe, implement, and troubleshoot mLDP (including mLDP profiles from 0 to 9)
2.5.d Describe P2MP TE
2.5.e Describe and optimize multicast scale and performance

2.6 Quality of Service (QoS)

2.6.a Describe, implement, and troubleshoot classification and marking
2.6.b Describe, implement, and troubleshoot congestion management and scheduling, for example, policing, shaping, and queuing
2.6.c Describe, implement, and troubleshoot congestion avoidance
2.6.d Describe, implement, and troubleshoot MPLS QoS models (MAM, RDM, Pipe, Short Pipe, and Uniform)
2.6.e Describe, implement, and troubleshoot MPLS TE QoS (CBTS, PBTS, and DS-TE)

3.0 Service Provider Based Services 23%

3.1 Carrier Ethernet

3.1.a Describe, implement, and troubleshoot E-LINE, for example, VPWS
3.1.b Describe, implement, and troubleshoot E-LAN and E-TREE, for example VPLS and H-VPLS
3.1.c Describe EVPN (EVPN-VPWS and PBB EVPN)
3.1.d Describe IEEE 802.1ad (Q-in-Q), IEEE 802.1ah (Mac-in-Mac), and ITU G.8032 (REP)

3.2 L3VPN

3.2.a Describe, implement, and troubleshoot L3VPN
3.2.b Describe, implement, and troubleshoot Inter-AS L3VPN
3.2.c Describe, implement, and troubleshoot Multicast VPN
3.2.d Describe, implement, and troubleshoot Unified MPLS and CSC
3.2.e Describe, implement, and troubleshoot shared services, for example, Extranet and Internet access

3.3 Overlay VPN

3.3.a Describe, implement, and troubleshoot L2TPv3
3.3.b Describe, implement, and troubleshoot LISP
3.3.c Describe, implement, and troubleshoot GRE and mGRE based VPN

3.4 Internet Service

3.4.a Describe, implement, and troubleshoot Internet Peering and Transit
3.4.b Describe, implement, and troubleshoot IPv6 transition mechanism, for example, NAT44, NAT64, 6RD, and DS Lite
3.4.c Describe, implement, and troubleshoot Internet peering route and transit policy enforcement

4.0 Access and Aggregation 17%

4.1 Transport and Encapsulation Technologies

4.1.a Describe transport technologies, for example, optical, xDSL, DOCSIS, TDM, and GPON
4.1.b Describe, implement, and troubleshoot Ethernet technologies
4.1.c Describe link aggregation techniques

4.2 PE-CE Connectivity

4.2.a Describe, implement, and troubleshoot PE-CE routing protocols, for example, static, OSPF, and BGP
4.2.b Describe, implement, and troubleshoot route redistribution
4.2.c Describe, implement, and troubleshoot route filtering
4.2.d Describe, implement, and troubleshoot loop prevention techniques in Multihomed environments
4.2.e Describe, implement, and troubleshoot end-to-end fast convergence
4.2.f Describe, implement, and troubleshoot Multi-VRF CE
4.2.g Describe Broadband Forum TR-101, for example, Trunk N:1 and Trunk 1:1

4.3 Quality of Service (QoS)

4.3.a Describe, implement, and troubleshoot classification and marking
4.3.b Describe, implement, and troubleshoot congestion management and scheduling, for example, policing, shaping, and queuing
4.3.c Describe, implement, and troubleshoot congestion avoidance
4.3.d Describe Link Fragmentation (LFI), cRTP, and RTP

4.4 Multicast

4.4.a Describe, implement, and troubleshoot IGMP and MLD
4.4.b Describe, implement, and troubleshoot PIM
4.4.c Describe, implement, and troubleshoot RP
4.4.d Describe and optimize multicast scale and performance

5.0 High Availability and Fast Convergence 10%

5.1 System Level HA

5.1.a Describe Multichassis/clustering HA
5.1.b Describe, implement, and troubleshoot SS0/NSF, NSR, and GR
5.1.c Describe, implement, and troubleshoot IGP-LDP Sync
5.1.d Describe, implement, and troubleshoot LDP Session Protection

5.2 Layer 1/2/3 Failure Detection Techniques

5.2.a Describe Layer 1 failure detection
5.2.b Describe, implement, and troubleshoot Layer 2 failure detection
5.2.c Describe, implement, and troubleshoot Layer 3 failure detection

5.3 Routing/Fast Convergence

5.3.a Describe, implement, and optimize IGP convergence
5.3.b Describe, implement, and optimize BGP convergence
5.3.c Describe, implement, and optimize IP FRR and TE FRR

6.0 Service Provider Security, Service Provider Operation and Management 17%

6.1 Control Plane Security

6.1.a Describe, implement, and troubleshoot control plane protection techniques (LPTS and CoPP)
6.1.b Describe, implement, and troubleshoot routing protocol security, for example, BGP-TTL security and protocol authentication
6.1.c Describe, implement and troubleshoot BGP prefix suppression
6.1.d Describe, implement and troubleshoot LDP security, for example, authentication and label allocation filtering
6.1.e Describe, implement, and troubleshoot BGP prefix based filtering
6.1.f Describe BGPsec

6.2 Management Plane Security

6.2.a Describe, implement, and troubleshoot device management, for example, MPP, SSH, and VTY
6.2.b Describe, implement, and troubleshoot logging and SNMP security
6.2.c Describe backscatter Traceback

6.3 Infrastructure Security

6.3.a Describe, implement, and troubleshoot uRPF
6.3.b Describe Lawful-intercept
6.3.c Describe, implement, and troubleshoot iACL
6.3.d Describe, implement, and troubleshoot RTBH
6.3.e Describe BGP Flowspec
6.3.f Describe DDoS mitigation techniques

6.4 Timing and Synchronization

6.4.a Describe, implement, and troubleshoot timing protocol, for example, NTP, 1588v2, and SyncE

6.5 Network Monitoring and Troubleshooting

6.5.a Describe, implement, and troubleshoot syslog and logging functions
6.5.b Describe, implement, and troubleshoot SNMP traps, RMON, EEM, and EPC
6.5.c Describe, implement, and troubleshoot port mirroring protocols, for example, SPAN, RSPAN, and ERSPAN
6.5.d Describe, implement and troubleshoot NetFlow and IPFIX
6.5.e Describe, implement, and troubleshoot IP SLA
6.5.f Describe, implement, and troubleshoot MPLS OAM and Ethernet OAM
6.5.g Describe network event and fault management
6.5.h Describe performance management and capacity procedures

6.6 Network Configuration and Change Management

6.6.a Describe maintenance, operational procedures
6.6.b Describe network inventory management process
6.6.c Describe network change, implementation, and rollback
6.6.d Describe incident management process based on ITILv3 framework

CCIE Service Provider Written Exam (400-201) Version 4.1

Exam Description
The Cisco CCIE® Service Provider Written Exam (400-201) version 4.1 is a two-hour test with 90−110 questions that validate professionals who have the expertise to design, implement, diagnose, and troubleshoot complex Service Provider highly available network infrastructure and services based on dual stack solutions (IPv4 and IPv6); understand how the network and service components interoperate; and understand the functional requirements and translate into specific device configurations. The exam is closed book and no outside reference materials are allowed.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

CCIE Service Provider Written Exam Topics v4.1 (Recommended for candidates who are scheduled to take the exam ON July 25, 2016 and beyond)

1.0 Service Provider Architecture and Evolution 10%

1.1 Service Provider Architecture Concepts

1.1.a Describe network architecture component and Service Provider network domain, for example, PE, P, CE, Metro Ethernet Core, and Aggregation
1.1.b Describe platform architecture components, for example, RP, Line Cards, and Fabric Crossbar
1.1.c Describe Cisco IOS-XR Software architecture components, for example, System Manager and XR Kernel

1.2 Virtualization Concepts

1.2.a Describe basic physical router virtualization, for example, SDR and nV
1.2.b Describe basic network function virtualization, for example, XRv/CSR1000v

1.3 Mobility Concepts

1.3.a Describe basic Service Provider network mobility infrastructure, for example, RAN, Backhaul, and Core

2.0 Core Routing 20%

2.1 Interior Gateway Protocol (IGP)

2.1.a Describe, implement, and troubleshoot IS-IS
2.1.b Describe, implement, and troubleshoot OSPFv2 and OSPFv3
2.1.c Describe and optimize IGP scale and performance

2.2 Border Gateway Protocol (BGP)

2.2.a Describe, implement, and troubleshoot IBGP, EBGP, and MP-BGP
2.2.b Describe, implement, and troubleshoot BGP route policy enforcement
2.2.c Describe BGP path attribute
2.2.d Describe and optimize BGP scale and performance
2.2.e Describe, implement, and troubleshoot advanced BGP features, for example, add-path and BGP LS

2.3 Multiprotocol Label Switching (MPLS)

2.3.a Describe MPLS forwarding and control plane mechanisms
2.3.b Describe, implement, and troubleshoot LDP
2.3.c Describe and optimize LDP scale and performance

2.4 MPLS Traffic Engineering

2.4.a Describe, implement, and troubleshoot RSVP
2.4.b Describe, implement, and troubleshoot ISIS and OSPF extensions
2.4.c Describe, implement, and troubleshoot MPLS TE policy enforcement
2.4.d Describe MPLS TE attributes
2.4.e Describe and optimize MPLS TE scale and performance
2.4.f Describe MPLS advanced features, for example, Segment Routing, G-MPLS, MPLS-TP, and MPLS-TE Inter-AS

2.5 Multicast

2.5.a Describe, implement, and troubleshoot PIM (PIM-SM, PIM-SSM, and PIM-BIDIR)
2.5.b Describe, implement, and troubleshoot RP (Auto-RP, BSR, Static, Anycast RP, and MSDP)
2.5.c Describe, implement, and troubleshoot mLDP (including mLDP profiles from 0 to 9)
2.5.d Describe P2MP TE
2.5.e Describe and optimize multicast scale and performance

2.6 Quality of Service (QoS)

2.6.a Describe, implement, and troubleshoot classification and marking
2.6.b Describe, implement, and troubleshoot congestion management and scheduling, for example, policing, shaping, and queuing
2.6.c Describe, implement, and troubleshoot congestion avoidance
2.6.d Describe, implement, and troubleshoot MPLS QoS models (MAM, RDM, Pipe, Short Pipe, and Uniform)
2.6.e Describe, implement, and troubleshoot MPLS TE QoS (CBTS, PBTS, and DS-TE)

3.0 Service Provider Based Services 20%

3.1 Carrier Ethernet

3.1.a Describe, implement, and troubleshoot E-LINE, for example, VPWS
3.1.b Describe, implement, and troubleshoot E-LAN and E-TREE, for example VPLS and H-VPLS
3.1.c Describe EVPN (EVPN-VPWS and PBB EVPN)
3.1.d Describe IEEE 802.1ad (Q-in-Q), IEEE 802.1ah (Mac-in-Mac), and ITU G.8032 (REP)

3.2 L3VPN

3.2.a Describe, implement, and troubleshoot L3VPN
3.2.b Describe, implement, and troubleshoot Inter-AS L3VPN
3.2.c Describe, implement, and troubleshoot Multicast VPN
3.2.d Describe, implement, and troubleshoot Unified MPLS and CSC
3.2.e Describe, implement, and troubleshoot shared services, for example, Extranet and Internet access

3.3 Overlay VPN

3.3.a Describe, implement, and troubleshoot L2TPv3
3.3.b Describe, implement, and troubleshoot LISP
3.3.c Describe, implement, and troubleshoot GRE and mGRE based VPN

3.4 Internet Service

3.4.a Describe, implement, and troubleshoot Internet Peering and Transit
3.4.b Describe, implement, and troubleshoot IPv6 transition mechanism, for example, NAT44, NAT64, 6RD, and DS Lite
3.4.c Describe, implement, and troubleshoot Internet peering route and transit policy enforcement

4.0 Access and Aggregation 15%

4.1 Transport and Encapsulation Technologies

4.1.a Describe transport technologies, for example, optical, xDSL, DOCSIS, TDM, and GPON
4.1.b Describe, implement, and troubleshoot Ethernet technologies
4.1.c Describe link aggregation techniques

4.2 PE-CE Connectivity

4.2.a Describe, implement, and troubleshoot PE-CE routing protocols, for example, static, OSPF, and BGP
4.2.b Describe, implement, and troubleshoot route redistribution
4.2.c Describe, implement, and troubleshoot route filtering
4.2.d Describe, implement, and troubleshoot loop prevention techniques in Multihomed environments
4.2.e Describe, implement, and troubleshoot end-to-end fast convergence
4.2.f Describe, implement, and troubleshoot Multi-VRF CE
4.2.g Describe Broadband Forum TR-101, for example, Trunk N:1 and Trunk 1:1

4.3 Quality of Service (QoS)

4.3.a Describe, implement, and troubleshoot classification and marking
4.3.b Describe, implement, and troubleshoot congestion management and scheduling, for example, policing, shaping, and queuing
4.3.c Describe, implement, and troubleshoot congestion avoidance
4.3.d Describe Link Fragmentation (LFI), cRTP, and RTP

4.4 Multicast

4.4.a Describe, implement, and troubleshoot IGMP and MLD
4.4.b Describe, implement, and troubleshoot PIM
4.4.c Describe, implement, and troubleshoot RP
4.4.d Describe and optimize multicast scale and performance

5.0 High Availability and Fast Convergence 10%

5.1 System Level HA

5.1.a Describe Multichassis/clustering HA
5.1.b Describe, implement, and troubleshoot SS0/NSF, NSR, and GR
5.1.c Describe, implement, and troubleshoot IGP-LDP Sync
5.1.d Describe, implement, and troubleshoot LDP Session Protection

5.2 Layer 1/2/3 Failure Detection Techniques

5.2.a Describe Layer 1 failure detection
5.2.b Describe, implement, and troubleshoot Layer 2 failure detection
5.2.c Describe, implement, and troubleshoot Layer 3 failure detection

5.3 Routing/Fast Convergence

5.3.a Describe, implement, and optimize IGP convergence
5.3.b Describe, implement, and optimize BGP convergence
5.3.c Describe, implement, and optimize IP FRR and TE FRR

6.0 Service Provider Security, Service Provider Operation and Management 15%

6.1 Control Plane Security

6.1.a Describe, implement, and troubleshoot control plane protection techniques (LPTS and CoPP)
6.1.b Describe, implement, and troubleshoot routing protocol security, for example, BGP-TTL security and protocol authentication
6.1.c Describe, implement and troubleshoot BGP prefix suppression
6.1.d Describe, implement and troubleshoot LDP security, for example, authentication and label allocation filtering
6.1.e Describe, implement, and troubleshoot BGP prefix based filtering
6.1.f Describe BGPsec

6.2 Management Plane Security

6.2.a Describe, implement, and troubleshoot device management, for example, MPP, SSH, and VTY
6.2.b Describe, implement, and troubleshoot logging and SNMP security
6.2.c Describe backscatter Traceback

6.3 Infrastructure Security

6.3.a Describe, implement, and troubleshoot uRPF
6.3.b Describe Lawful-intercept
6.3.c Describe, implement, and troubleshoot iACL
6.3.d Describe, implement, and troubleshoot RTBH
6.3.e Describe BGP Flowspec
6.3.f Describe DDoS mitigation techniques

6.4 Timing and Synchronization

6.4.a Describe, implement, and troubleshoot timing protocol, for example, NTP, 1588v2, and SyncE

6.5 Network Monitoring and Troubleshooting

6.5.a Describe, implement, and troubleshoot syslog and logging functions
6.5.b Describe, implement, and troubleshoot SNMP traps, RMON, EEM, and EPC
6.5.c Describe, implement, and troubleshoot port mirroring protocols, for example, SPAN, RSPAN, and ERSPAN
6.5.d Describe, implement and troubleshoot NetFlow and IPFIX
6.5.e Describe, implement, and troubleshoot IP SLA
6.5.f Describe, implement, and troubleshoot MPLS OAM and Ethernet OAM
6.5.g Describe network event and fault management
6.5.h Describe performance management and capacity procedures

6.6 Network Configuration and Change Management

6.6.a Describe maintenance, operational procedures
6.6.b Describe network inventory management process
6.6.c Describe network change, implementation, and rollback
6.6.d Describe incident management process based on ITILv3 framework

7.0 Evolving Technologies 10%

7.1 Cloud

7.1.a Compare and contrast Cloud deployment models
7.1.a [i] Infrastructure, platform, and software services (XaaS)
7.1.a [ii] Performance and reliability
7.1.a [iii] Security and privacy
7.1.a [iv] Scalability and interoperability
7.1.b Describe Cloud implementations and operations
7.1.b [i] Automation and orchestration
7.1.b [ii] Workload mobility
7.1.b [iii] Troubleshooting and management
7.1.b [iv] OpenStack components

7.2 Network programmability [SDN]

7.2.a Describe functional elements of network programmability (SDN) and how they interact
7.2.a [i] Controllers
7.2.a [ii] APIs
7.2.a [iii] Scripting
7.2.a [iv] Agents
7.2.a [v] Northbound vs. Southbound protocols
7.2.b Describe aspects of virtualization and automation in network environments
7.2.b [i] DevOps methodologies, tools and workflows
7.2.b [ii] Network/application function virtualization (NFV, AFV)
7.2.b [iii] Service function chaining
7.2.b [iv] Performance, availability, and scaling considerations

7.3 Internet of Things

7.3.a Describe architectural framework and deployment considerations for Internet of Things (IoT)
7.3.a [i] Performance, reliability and scalability
7.3.a [ii] Mobility
7.3.a [iii] Security and privacy
7.3.a [iv] Standards and compliance
7.3.a [v] Migration
7.3.a [vi] Environmental impacts on the network


QUESTION 1
Which well-known community ensures that a BGP prefix is not propagated to any other BGP peers?

A. no-advertise
B. no-export
C. local-AS
D. Internet

Answer: C


QUESTION 2
Which is the RP address of the IPv6 multicast address FF76:0:130:1234:5678:9abc::4321?

A. 4321:5678:9abc::30
B. 4321:5678:9abc::13
C. 1234:5678:9abc::130
D. 1234:5678:9abc::1
E. 1234:5678:9abc::13

Answer: D
Reference: http://www.netcraftsmen.com/wp-content/uploads/2014/12/20090429-CMU-Introduction_to_IP_Multicast.pdf page 53


QUESTION 3
Two Tier 2 Service Providers are using a Tier 1 Service Provider for transport. MPLS is required between the Tier 2 Service Providers for label switching. In this CSC solution, which label stack is correct?

A. original IP packet, MPLS CSC transport label, MPLS VPN label, and MPLS Tier 2 transport label
B. original IP packet, MPLS Tier 2 transport label, MPLS VPN label, and MPLS CSC transport label
C. original IP packet, MPLS VPN label, MPLS Tier 2 transport label, and MPLS CSC transport label
D. original IP packet, MPLS Tier 2 transport label, MPLS CSC transport label, and MPLS VPN label

Answer: C


QUESTION 4
Which are the two purposes of the MPLS label value 1? (Choose two.)

A. it is used for MPLS OAM packets.
B. it indicates an implicit null label.
C. it is used for VPNv6 packets.
D. it is used to carry the QoS value in the label stack.
E. it indicates an explicit null label.
F. it indicates a router alert label.

Answer: C,F

Explanation: http://www.cisco.com/c/en/us/support/docs/multiprotocol-label-switching-mpls/mpls/4649-mpls-faq-4649.html#qa3 http://www.iana.org/assignments/mpls-label-values/mpls-label-values.xhtml
IPv4 Explicit NULL Label —-> 0
Router Alert Label —-> 1
IPv6 Explicit NULL Label —–> 2
Implicit NULL Label —–> 3
OAM Alert Labe —–> 14


QUESTION 5
Which Cisco IOS XR Virtualization technology provides full isolation between virtualized routing instances for extra control plane resources?

A. HVR
B. SVR
C. SDR
D. DRP

Answer: C

Explanation: Explanation : http://www.cisco.com/en/US/solutions/collateral/ns341/ns524/ns562/ns573/white_paper_c1
1-512753_ns573_Networking_Solutions_White_Paper.html


QUESTION 6

An engineer wants to configure Fast Reroute in the network. Which methodology eliminates RSVP configuration in the network?

A. Enable LDP Fast Synch.
B. Enable IP Fast Reroute.
C. Enable the auto tunnel primary feature.
D. Enable Cisco MPLS TE Fast Reroute.
E. Enable the auto tunnel backup feature.

Answer: B

Explanation:
http://www.cisco.com/en/US/docs/ios/12_0st/12_0st10/feature/guide/fastrout.html


QUESTION 7
Customers connecting to a Service Provider for Internet access are intending to implement redundant peering. The design requirements call for preferring a primary link for both ingress and egress traffic. Secondary links should be used only during primary outages. What two BGP deployment options will accomplish this design goal? (Choose two.)

A. On the router handling the secondary link, advertise routes with a MED value of 0.
B. On the router handling the primary link, set the weight for all incoming routes to be a value of 0.
C. On the router handling the secondary link, advertise all routes with a longer AS-PATH value.
D. On the router handling the primary link, advertise all routes with a longer AS-PATH value.
E. On the router handling the secondary link, set the local preference for all incoming routes to be a value of 0.

Answer: C,E

Click here to view complete Q&A of 400-201 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Cisco 400-201 Certification, Cisco 400-201 Training at certkingdom.com

 

Posted in CCIE | Tagged , , , , , , , , | Leave a comment

400-101 CCIE Routing and Switching Written Exam Topics v5.0 and Written Exam Topics v5.1

CCIE Routing and Switching Written Exam
Exam Number 400-101 CCIE
Associated Certifications CCIE Routing and Switching
Duration 120 Minutes (90 – 110 questions)
Available Languages English
Register Pearson VUE
Exam Policies Read current policies and requirements
Exam Tutorial Review type of exam questions

The Cisco CCIE Routing and Switching written exam validate that professionals have the expertise to: configure, validate, and troubleshoot complex enterprise network infrastructure; understand how infrastructure components interoperate; and translate functional requirements into specific device configurations.

Written Exam Topics v5.0 (Recommended for candidates scheduled to take the test BEFORE July 25, 2016)

Written Exam Topics v5.1 (Recommended for candidates scheduled to take the test ON July 25, 2016 and beyond)

Exam Description
The CCIE written exam is a two-hour qualification exam. The exam uses a combination of 90-110 multiple choice questions and simulations to assess skills. Exams are closed book and no reference materials are allowed.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

CCIE Routing and Switching Written Exam Topics v5.0 (Recommended for candidates who are scheduled to take the exam BEFORE July 25, 2016)

1.0 Network Principles 10%

1.1 Network theory

1.1.a Describe basic software architecture differences between IOS and IOS XE
1.1.a [i] Control plane and Forwarding plane
1.1.a [ii] Impact to troubleshooting and performances
1.1.a [iii] Excluding specific platform’s architecture
1.1.b Identify Cisco express forwarding concepts
1.1.b [i] RIB, FIB, LFIB, Adjacency table
1.1.b [ii] Load balancing Hash
1.1.b [iii] Polarization concept and avoidance
1.1.c Explain general network challenges
1.1.c [i] Unicast flooding
1.1.c [ii] Out of order packets
1.1.c [iii] Asymmetric routing
1.1.c [iv] Impact of micro burst
1.1.d Explain IP operations
1.1.d [i] ICMP unreachable, redirect
1.1.d [ii] IPv4 options, IPv6 extension headers
1.1.d [iii] IPv4 and IPv6 fragmentation
1.1.d [iv] TTL
1.1.d [v] IP MTU
1.1.e Explain TCP operations
1.1.e [i] IPv4 and IPv6 PMTU
1.1.e [ii] MSS
1.1.e [iii] Latency
1.1.e [iv] Windowing
1.1.e [v] Bandwidth delay product
1.1.e [vi] Global synchronization
1.1.e [vii] Options
1.1.f Explain UDP operations
1.1.f [i] Starvation
1.1.f [ii] Latency
1.1.f [iii] RTP/RTCP concepts

1.2 Network implementation and operation
1.2.a Evaluate proposed changes to a network
1.2.a [i] Changes to routing protocol parameters
1.2.a [ii] Migrate parts of a network to IPv6
1.2.a [iii] Routing protocol migration
1.2.a [iv] Adding multicast support
1.2.a [v] Migrate spanning tree protocol
1.2.a [vi] Evaluate impact of new traffic on existing QoS design

1.3 Network troubleshooting
1.3.a Use IOS troubleshooting tools
1.3.a [i] debug, conditional debug
1.3.a [ii] ping, traceroute with extended options
1.3.a [iii] Embedded packet capture
1.3.a [iv] Performance monitor
1.3.b Apply troubleshooting methodologies
1.3.b [i] Diagnose the root cause of networking issue [analyze symptoms, identify and describe root cause]
1.3.b [ii] Design and implement valid solutions according to constraints
1.3.b [iii] Verify and monitor resolution
1.3.c Interpret packet capture
1.3.c [i] Using Wireshark trace analyzer
1.3.c [ii] Using IOS embedded packet capture

2.0 Layer 2 Technologies 15%

2.1 LAN switching technologies
2.1.a Implement and troubleshoot switch administration
2.1.a [i] Managing MAC address table
2.1.a [ii] errdisable recovery
2.1.a [iii] L2 MTU
2.1.b Implement and troubleshoot layer 2 protocols
2.1.b [i] CDP, LLDP
2.1.b [ii] UDLD
2.1.c Implement and troubleshoot VLAN
2.1.c [i] Access ports
2.1.c [ii] VLAN database
2.1.c [iii] Normal, extended VLAN, voice VLAN
2.1.d Implement and troubleshoot trunking
2.1.d [i] VTPv1, VTPv2, VTPv3, VTP pruning
2.1.d [ii] dot1Q
2.1.d [iii] Native VLAN
2.1.d [iv] Manual pruning
2.1.e Implement and troubleshoot EtherChannel
2.1.e [i] LACP, PAgP, manual
2.1.e [ii] Layer 2, layer 3
2.1.e [iii] Load-balancing
2.1.e [iv] Etherchannel misconfiguration guard
2.1.f Implement and troubleshoot spanning-tree
2.1.f [i] PVST+/RPVST+/MST
2.1.f [ii] Switch priority, port priority, path cost, STP timers
2.1.f [iii] port fast, BPDUguard, BPDUfilter
2.1.f [iv] loopguard, rootguard
2.1.g Implement and troubleshoot other LAN switching technologies
2.1.g [i] SPAN, RSPAN, ERSPAN
2.1.h Describe chassis virtualization and aggregation technologies
2.1.h [i] Multichassis
2.1.h [ii] VSS concepts
2.1.h [iii] Alternative to STP
2.1.h [iv] Stackwise
2.1.h [v] Excluding specific platform implementation
2.1.i Describe spanning-tree concepts
2.1.i [i] Compatibility between MST and RSTP
2.1.i [ii] STP dispute, STP bridge assurance

2.2 Layer 2 multicast
2.2.a Implement and troubleshoot IGMP
2.2.a [i] IGMPv1, IGMPv2, IGMPv3
2.2.a [ii] IGMP snooping
2.2.a [iii] IGMP querier
2.2.a [iv] IGMP filter
2.2.a [v] IGMP proxy
2.2.b Explain MLD
2.2.c Explain PIM snooping

2.3 Layer 2 WAN circuit technologies
2.3.a Implement and troubleshoot HDLC
2.3.b Implement and troubleshoot PPP
2.3.b [i] Authentication [PAP, CHAP]
2.3.b [ii] PPPoE
2.3.b [iii] MLPPP
2.3.c Describe WAN rate-based ethernet circuits
2.3.c [i] Metro and WAN Ethernet topologies
2.3.c [ii] Use of rate-limited WAN ethernet services

3.0 Layer 3 Technologies 40%

3.1 Addressing technologies
3.1.a Identify, implement and troubleshoot IPv4 addressing and subnetting
3.1.a [i] Address types, VLSM
3.1.a [ii] ARP
3.1.b Identify, implement and troubleshoot IPv6 addressing and subnetting
3.1.b [i] Unicast, multicast
3.1.b [ii] EUI-64
3.1.b [iii] ND, RS/RA
3.1.b [iv] Autoconfig/SLAAC, temporary addresses [RFC4941]
3.1.b [v] Global prefix configuration feature
3.1.b [vi] DHCP protocol operations
3.1.b [vii] SLAAC/DHCPv6 interaction
3.1.b [viii] Stateful, stateless DHCPv6
3.1.b [ix] DHCPv6 prefix delegation

3.2 Layer 3 multicast
3.2.a Troubleshoot reverse path forwarding
3.2.a [i] RPF failure
3.2.a [ii] RPF failure with tunnel interface
3.2.b Implement and troubleshoot IPv4 protocol independent multicast
3.2.b [i] PIM dense mode, sparse mode, sparse-dense mode
3.2.b [ii] Static RP, auto-RP, BSR
3.2.b [iii] BiDirectional PIM
3.2.b [iv] Source-specific multicast
3.2.b [v] Group to RP mapping
3.2.b [vi] Multicast boundary
3.2.c Implement and troubleshoot multicast source discovery protocol
3.2.c [i] Intra-domain MSDP [anycast RP]
3.2.c [ii] SA filter
3.2.d Describe IPv6 multicast
3.2.d [i] IPv6 multicast addresses
3.2.d [ii] PIMv6

3.3 Fundamental routing concepts
3.3.a Implement and troubleshoot static routing
3.3.b Implement and troubleshoot default routing
3.3.c Compare routing protocol types
3.3.c [i] Distance vector
3.3.c [ii] Link state
3.3.c [iii] Path vector
3.3.d Implement, optimize and troubleshoot administrative distance
3.3.e Implement and troubleshoot passive interface
3.3.f Implement and troubleshoot VRF lite
3.3.g Implement, optimize and troubleshoot filtering with any routing protocol
3.3.h Implement, optimize and troubleshoot redistribution between any routing protocol
3.3.i Implement, optimize and troubleshoot manual and auto summarization with any routing protocol
3.3.j Implement, optimize and troubleshoot policy-based routing
3.3.k Identify and troubleshoot sub-optimal routing
3.3.l Implement and troubleshoot bidirectional forwarding detection
3.3.m Implement and troubleshoot loop prevention mechanisms
3.3.m [i] Route tagging, filtering
3.3.m [ii] Split horizon
3.3.m [iii] Route poisoning
3.3.n Implement and troubleshoot routing protocol authentication
3.3.n [i] MD5
3.3.n [ii] Key-chain
3.3.n [iii] EIGRP HMAC SHA2-256bit
3.3.n [iv] OSPFv2 SHA1-196bit
3.3.n [v] OSPFv3 IPsec authentication

3.4 RIP [v2 and v6]
3.4.a Implement and troubleshoot RIPv2
3.4.b Describe RIPv6 [RIPng]

3.5 EIGRP [for IPv4 and IPv6]
3.5.a Describe packet types
3.5.a [i] Packet types [hello, query, update, and such]
3.5.a [ii] Route types [internal, external]
3.5.b Implement and troubleshoot neighbor relationship
3.5.b [i] Multicast, unicast EIGRP peering
3.5.b [ii] OTP point-to-point peering
3.5.b [iii] OTP route-reflector peering
3.5.b [iv] OTP multiple service providers scenario
3.5.c Implement and troubleshoot loop free path selection
3.5.c [i] RD, FD, FC, successor, feasible successor
3.5.c [ii] Classic metric
3.5.c [iii] Wide metric
3.5.d Implement and troubleshoot operations
3.5.d [i] General operations
3.5.d [ii] Topology table, update, query, active, passive
3.5.d [iii] Stuck in active
3.5.d [iv] Graceful shutdown
3.5.e Implement and troubleshoot EIGRP stub
3.5.e [i] Stub
3.5.e [ii] Leak-map
3.5.f Implement and troubleshoot load-balancing
3.5.f [i] equal-cost
3.5.f [ii] unequal-cost
3.5.f [iii] add-path
3.5.g Implement EIGRP [multi-address] named mode
3.5.g [i] Types of families
3.5.g [ii] IPv4 address-family
3.5.g [iii] IPv6 address-family
3.5.h Implement, troubleshoot and optimize EIGRP convergence and scalability
3.5.h [i] Describe fast convergence requirements
3.5.h [ii] Control query boundaries
3.5.h [iii] IP FRR/fast reroute [single hop]
3.5.8 [iv] Summary leak-map
3.5.h [v] Summary metric

3.6 OSPF [v2 and v3]
3.6.a Describe packet types
3.6.a [i] LSA yypes [1, 2, 3, 4, 5, 7, 9]
3.6.a [ii] Route types [N1, N2, E1, E2]
3.6.b Implement and troubleshoot neighbor relationship
3.6.c Implement and troubleshoot OSPFv3 address-family support
3.6.c [i] IPv4 address-family
3.6.c [ii] IPv6 address-family
3.6.d Implement and troubleshoot network types, area types and router types
3.6.d [i] Point-to-point, multipoint, broadcast, non-broadcast
3.6.d [ii] LSA types, area type: backbone, normal, transit, stub, NSSA, totally stub
3.6.d [iii] Internal router, ABR, ASBR
3.6.d [iv] Virtual link
3.6.e Implement and troubleshoot path preference
3.6.f Implement and troubleshoot operations
3.6.f [i] General operations
3.6.f [ii] Graceful shutdown
3.6.f [iii] GTSM [Generic TTL Security Mechanism]
3.6.g Implement, troubleshoot and optimize OSPF convergence and scalability
3.6.g [i] Metrics
3.6.g [ii] LSA throttling, SPF tuning, fast hello
3.6.g [iii] LSA propagation control [area types, ISPF]
3.6.g [iv] IP FRR/fast reroute [single hop]
3.6.g [v] LFA/loop-free alternative [multi hop]
3.6.g [vi] OSPFv3 prefix suppression

3.7 BGP
3.7.a Describe, implement and troubleshoot peer relationships
3.7.a [i] Peer-group, template
3.7.a [ii] Active, passive
3.7.a [iii] States, timers
3.7.a [iv] Dynamic neighbors
3.7.b Implement and troubleshoot IBGP and EBGP
3.7.b [i] EBGP, IBGP
3.7.b [ii] 4 bytes AS number
3.7.b [iii] Private AS
3.7.c Explain attributes and best-path selection
3.7.d Implement, optimize and troubleshoot routing policies
3.7.d [i] Attribute manipulation
3.7.d [ii] Conditional advertisement
3.7.d [iii] Outbound route filtering
3.7.d [iv] Communities, extended communities
3.7.d [v] Multi-homing
3.7.e Implement and troubleshoot scalability
3.7.e [i] Route-reflector, cluster
3.7.e [ii] Confederations
3.7.e [iii] Aggregation, AS set
3.7.f Implement and troubleshoot multiproctocol BGP
3.7.f [i] IPv4, IPv6, VPN address-family
3.7.g Implement and troubleshoot AS path manipulations
3.7.g [i] Local AS, allow AS in, remove private AS
3.7.g [ii] Prepend
3.7.g [iii] Regexp
3.7.h Implement and troubleshoot other features
3.7.h [i] Multipath
3.7.h [ii] BGP synchronization
3.7.h [iii] Soft reconfiguration, route refresh
3.7.i Describe BGP fast convergence features
3.7.i [i] Prefix independent convergence
3.7.i [ii] Add-path
3.7.i [iii] Next-hop address tracking

3.8 ISIS [for IPv4 and IPv6]
3.8.a Describe basic ISIS network
3.8.a [i] Single area, single topology
3.8.b Describe neighbor relationship
3.8.c Describe network types, levels and router types
3.8.c [i] NSAP addressing
3.8.c [ii] Point-to-point, broadcast
3.8.d Describe operations
3.8.e Describe optimization features
3.8.e [i] Metrics, wide metric

4.0 VPN Technologies 15%

4.1 Tunneling
4.1.a Implement and troubleshoot MPLS operations
4.1.a [i] Label stack, LSR, LSP
4.1.a [ii] LDP
4.1.a [iii] MPLS ping, MPLS traceroute
4.1.b Implement and troubleshoot basic MPLS L3VPN
4.1.b [i] L3VPN, CE, PE, P
4.1.b [ii] Extranet [route leaking]
4.1.c Implement and troubleshoot encapsulation
4.1.c [i] GRE
4.1.c [ii] Dynamic GRE
4.1.c [iii] LISP encapsulation principles supporting EIGRP OTP
4.1.d Implement and troubleshoot DMVPN [single hub]
4.1.d [i] NHRP
4.1.d [ii] DMVPN with IPsec using preshared key
4.1.d [iii] QoS profile
4.1.d [iv] Pre-classify
4.1.e Describe IPv6 tunneling techniques
4.1.e [i] 6in4, 6to4
4.1.e [ii] ISATAP
4.1.e [iii] 6RD
4.1.e [iv] 6PE/6VPE
4.1.g Describe basic layer 2 VPN —wireline
4.1.g [i] L2TPv3 general principals
4.1.g [ii] ATOM general principals
4.1.h Describe basic L2VPN — LAN services
4.1.h [i] MPLS-VPLS general principals
4.1.h [ii] OTV general principals

4.2 Encryption
4.2.a Implement and troubleshoot IPsec with preshared key
4.2.a [i] IPv4 site to IPv4 site
4.2.a [ii] IPv6 in IPv4 tunnels
4.2.a [iii] Virtual tunneling Interface [VTI]
4.2.b Describe GET VPN

5.0 Infrastructure Security 5%

5.1 Device security
5.1.a Implement and troubleshoot IOS AAA using local database
5.1.b Implement and troubleshoot device access control
5.1.b [i] Lines [VTY, AUX, console]
5.1.b [ii] SNMP
5.1.b [iii] Management plane protection
5.1.b [iv] Password encryption
5.1.c Implement and troubleshoot control plane policing
5.1.d Describe device security using IOS AAA with TACACS+ and RADIUS
5.1.d [i] AAA with TACACS+ and RADIUS
5.1.d [ii] Local privilege authorization fallback

5.2 Network security
5.2.a Implement and troubleshoot switch security features
5.2.a [i] VACL, PACL
5.2.a [ii] Stormcontrol
5.2.a [iii] DHCP snooping
5.2.a [iv] IP source-guard
5.2.a [v] Dynamic ARP inspection
5.2.a [vi] port-security
5.2.a [vii] Private VLAN
5.2.b Implement and troubleshoot router security features
5.2.b [i] IPv4 access control lists [standard, extended, time-based]
5.2.b [ii] IPv6 traffic filter
5.2.b [iii] Unicast reverse path forwarding
5.2.c Implement and troubleshoot IPv6 first hop security
5.2.c [i] RA guard
5.2.c [ii] DHCP guard
5.2.c [iii] Binding table
5.2.c [iv] Device tracking
5.2.c [v] ND inspection/snooping
5.2.c [vii] Source guard
5.2.c [viii] PACL
5.2.d Describe 802.1x
5.2.d [i] 802.1x, EAP, RADIUS
5.2.d [ii] MAC authentication bypass

6.0 Infrastructure Services 15%

6.1 System management
6.1.a Implement and troubleshoot device management
6.1.a [i] Console and VTY
6.1.a [ii] telnet, HTTP, HTTPS, SSH, SCP
6.1.a [iii] [T]FTP
6.1.b Implement and troubleshoot SNMP
6.1.b [i] v2c, v3
6.1.c Implement and troubleshoot logging
6.1.c [i] Local logging, syslog, debug, conditional debug
6.1.c [ii] Timestamp

6.2 Quality of service
6.2.a Implement and troubleshoot end-to-end QoS
6.2.a [i] CoS and DSCP mapping
6.2.b Implement, optimize and troubleshoot QoS using MQC
6.2.b [i] Classification
6.2.b [ii] Network based application recognition [NBAR]
6.2.b [iii] Marking using IP precedence, DSCP, CoS, ECN
6.2.b [iv] Policing, shaping
6.2.b [v] Congestion management [queuing]
6.2.b [vi] HQoS, sub-rate ethernet link
6.2.b [vii] Congestion avoidance [WRED]
6.2.c Describe layer 2 QoS
6.2.c [i] Queuing, scheduling
6.2.c [ii] Classification, marking

6.3 Network services
6.3.a Implement and troubleshoot first-hop redundancy protocols
6.3.a [i] HSRP, GLBP, VRRP
6.3.a [ii] Redundancy using IPv6 RS/RA
6.3.b Implement and troubleshoot network time protocol
6.3.b [i] NTP master, client, version 3, version 4
6.3.b [ii] NTP Authentication
6.3.c Implement and troubleshoot IPv4 and IPv6 DHCP
6.3.c [i] DHCP client, IOS DHCP server, DHCP relay
6.3.c [ii] DHCP options
6.3.c [iii] DHCP protocol operations
6.3.c [iv] SLAAC/DHCPv6 interaction
6.3.c [v] Stateful, stateless DHCPv6
6.3.c [vi] DHCPv6 prefix delegation
6.3.d Implement and troubleshoot IPv4 network address translation
6.3.d [i] Static NAT, dynamic NAT, policy-based NAT, PAT
6.3.d [ii] NAT ALG
6.3.e Describe IPv6 network address translation
6.3.e [i] NAT64
6.3.e [ii] NPTv6

6.4 Network optimization
6.4.a Implement and troubleshoot IP SLA
6.4.a [i] ICMP, UDP, Jitter, VoIP
6.4.b Implement and troubleshoot tracking object
6.4.b [i] Tracking object, tracking list
6.4.b [ii] Tracking different entities [e.g. interfaces, routes, IPSLA, and such]
6.4.c Implement and troubleshoot netflow
6.4.c [i] Netflow v5, v9
6.4.c [ii] Local retrieval
6.4.c [iii] Export [configuration only]
6.4.d Implement and troubleshoot embedded event manager
6.4.d [i] EEM policy using applet
6.4.e Identify performance routing [PfR]
6.4.e [i] Basic load balancing
6.4.e [ii] Voice optimization

CCIE Routing and Switching Written Exam (400-101) Version 5.1

Exam Description
The Cisco CCIE® Routing and Switching Written Exam [400-101] version 5.1 is a 2-hour test with 90−110 questions that will validate that professionals have the expertise to: configure, validate, and troubleshoot complex enterprise network infrastructure; understand how infrastructure components interoperate; and translate functional requirements into specific device configurations. The exam is closed book and no outside reference materials are allowed.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

CCIE Routing and Switching Written Exam Topics v5.1 (Recommended for candidates who are scheduled to take the exam ON July 25, 2016 and beyond)

1.0 Network Principles 10%

1.1 Network theory
1.1.a Describe basic software architecture differences between IOS and IOS XE
1.1.a [i] Control plane and Forwarding plane
1.1.a [ii] Impact to troubleshooting and performances
1.1.a [iii] Excluding specific platform’s architecture
1.1.b Identify Cisco express forwarding concepts
1.1.b [i] RIB, FIB, LFIB, Adjacency table
1.1.b [ii] Load balancing Hash
1.1.b [iii] Polarization concept and avoidance
1.1.c Explain general network challenges
1.1.c [i] Unicast flooding
1.1.c [ii] Out of order packets
1.1.c [iii] Asymmetric routing
1.1.c [iv] Impact of micro burst
1.1.d Explain IP operations
1.1.d [i] ICMP unreachable, redirect
1.1.d [ii] IPv4 options, IPv6 extension headers
1.1.d [iii] IPv4 and IPv6 fragmentation
1.1.d [iv] TTL
1.1.d [v] IP MTU
1.1.e Explain TCP operations
1.1.e [i] IPv4 and IPv6 PMTU
1.1.e [ii] MSS
1.1.e [iii] Latency
1.1.e [iv] Windowing
1.1.e [v] Bandwidth delay product
1.1.e [vi] Global synchronization
1.1.e [vii] Options
1.1.f Explain UDP operations
1.1.f [i] Starvation
1.1.f [ii] Latency
1.1.f [iii] RTP/RTCP concepts

1.2 Network implementation and operation
1.2.a Evaluate proposed changes to a network
1.2.a [i] Changes to routing protocol parameters
1.2.a [ii] Migrate parts of a network to IPv6
1.2.a [iii] Routing protocol migration
1.2.a [iv] Adding multicast support
1.2.a [v] Migrate spanning tree protocol
1.2.a [vi] Evaluate impact of new traffic on existing QoS design

1.3 Network troubleshooting
1.3.a Use IOS troubleshooting tools
1.3.a [i] debug, conditional debug
1.3.a [ii] ping, traceroute with extended options
1.3.a [iii] Embedded packet capture
1.3.a [iv] Performance monitor
1.3.b Apply troubleshooting methodologies
1.3.b [i] Diagnose the root cause of networking issue [analyze symptoms, identify and describe root cause]
1.3.b [ii] Design and implement valid solutions according to constraints
1.3.b [iii] Verify and monitor resolution
1.3.c Interpret packet capture
1.3.c [i] Using Wireshark trace analyzer
1.3.c [ii] Using IOS embedded packet capture

2.0 Layer 2 Technologies 13%

2.1 LAN switching technologies
2.1.a Implement and troubleshoot switch administration
2.1.a [i] Managing MAC address table
2.1.a [ii] errdisable recovery
2.1.a [iii] L2 MTU
2.1.b Implement and troubleshoot layer 2 protocols
2.1.b [i] CDP, LLDP
2.1.b [ii] UDLD
2.1.c Implement and troubleshoot VLAN
2.1.c [i] Access ports
2.1.c [ii] VLAN database
2.1.c [iii] Normal, extended VLAN, voice VLAN
2.1.d Implement and troubleshoot trunking
2.1.d [i] VTPv1, VTPv2, VTPv3, VTP pruning
2.1.d [ii] dot1Q
2.1.d [iii] Native VLAN
2.1.d [iv] Manual pruning
2.1.e Implement and troubleshoot EtherChannel
2.1.e [i] LACP, PAgP, manual
2.1.e [ii] Layer 2, layer 3
2.1.e [iii] Load-balancing
2.1.e [iv] Etherchannel misconfiguration guard
2.1.f Implement and troubleshoot spanning-tree
2.1.f [i] PVST+/RPVST+/MST
2.1.f [ii] Switch priority, port priority, path cost, STP timers
2.1.f [iii] port fast, BPDUguard, BPDUfilter
2.1.f [iv] loopguard, rootguard
2.1.g Implement and troubleshoot other LAN switching technologies
2.1.g [i] SPAN, RSPAN, ERSPAN
2.1.h Describe chassis virtualization and aggregation technologies
2.1.h [i] Multichassis
2.1.h [ii] VSS concepts
2.1.h [iii] Alternative to STP
2.1.h [iv] Stackwise
2.1.h [v] Excluding specific platform implementation
2.1.i Describe spanning-tree concepts
2.1.i [i] Compatibility between MST and RSTP
2.1.i [ii] STP dispute, STP bridge assurance

2.2 Layer 2 multicast
2.2.a Implement and troubleshoot IGMP
2.2.a [i] IGMPv1, IGMPv2, IGMPv3
2.2.a [ii] IGMP snooping
2.2.a [iii] IGMP querier
2.2.a [iv] IGMP filter
2.2.a [v] IGMP proxy
2.2.b Explain MLD
2.2.c Explain PIM snooping

2.3 Layer 2 WAN circuit technologies
2.3.a Implement and troubleshoot HDLC
2.3.b Implement and troubleshoot PPP
2.3.b [i] Authentication [PAP, CHAP]
2.3.b [ii] PPPoE
2.3.b [iii] MLPPP
2.3.c Describe WAN rate-based ethernet circuits
2.3.c [i] Metro and WAN Ethernet topologies
2.3.c [ii] Use of rate-limited WAN ethernet services

3.0 Layer 3 Technologies 37%

3.1 Addressing technologies
3.1.a Identify, implement and troubleshoot IPv4 addressing and subnetting
3.1.a [i] Address types, VLSM
3.1.a [ii] ARP
3.1.b Identify, implement and troubleshoot IPv6 addressing and subnetting
3.1.b [i] Unicast, multicast
3.1.b [ii] EUI-64
3.1.b [iii] ND, RS/RA
3.1.b [iv] Autoconfig/SLAAC, temporary addresses [RFC4941]
3.1.b [v] Global prefix configuration feature
3.1.b [vi] DHCP protocol operations
3.1.b [vii] SLAAC/DHCPv6 interaction
3.1.b [viii] Stateful, stateless DHCPv6
3.1.b [ix] DHCPv6 prefix delegation

3.2 Layer 3 multicast
3.2.a Troubleshoot reverse path forwarding
3.2.a [i] RPF failure
3.2.a [ii] RPF failure with tunnel interface
3.2.b Implement and troubleshoot IPv4 protocol independent multicast
3.2.b [i] PIM dense mode, sparse mode, sparse-dense mode
3.2.b [ii] Static RP, auto-RP, BSR
3.2.b [iii] BiDirectional PIM
3.2.b [iv] Source-specific multicast
3.2.b [v] Group to RP mapping
3.2.b [vi] Multicast boundary
3.2.c Implement and troubleshoot multicast source discovery protocol
3.2.c [i] Intra-domain MSDP [anycast RP]
3.2.c [ii] SA filter
3.2.d Describe IPv6 multicast
3.2.d [i] IPv6 multicast addresses
3.2.d [ii] PIMv6

3.3 Fundamental routing concepts
3.3.a Implement and troubleshoot static routing
3.3.b Implement and troubleshoot default routing
3.3.c Compare routing protocol types
3.3.c [i] Distance vector
3.3.c [ii] Link state
3.3.c [iii] Path vector
3.3.d Implement, optimize and troubleshoot administrative distance
3.3.e Implement and troubleshoot passive interface
3.3.f Implement and troubleshoot VRF lite
3.3.g Implement, optimize and troubleshoot filtering with any routing protocol
3.3.h Implement, optimize and troubleshoot redistribution between any routing protocol
3.3.i Implement, optimize and troubleshoot manual and auto summarization with any routing protocol
3.3.j Implement, optimize and troubleshoot policy-based routing
3.3.k Identify and troubleshoot sub-optimal routing
3.3.l Implement and troubleshoot bidirectional forwarding detection
3.3.m Implement and troubleshoot loop prevention mechanisms
3.3.m [i] Route tagging, filtering
3.3.m [ii] Split horizon
3.3.m [iii] Route poisoning
3.3.n Implement and troubleshoot routing protocol authentication
3.3.n [i] MD5
3.3.n [ii] Key-chain
3.3.n [iii] EIGRP HMAC SHA2-256bit
3.3.n [iv] OSPFv2 SHA1-196bit
3.3.n [v] OSPFv3 IPsec authentication

3.4 RIP [v2 and v6]
3.4.a Implement and troubleshoot RIPv2
3.4.b Describe RIPv6 [RIPng]

3.5 EIGRP [for IPv4 and IPv6]
3.5.a Describe packet types
3.5.a [i] Packet types [hello, query, update, and such]
3.5.a [ii] Route types [internal, external]
3.5.b Implement and troubleshoot neighbor relationship
3.5.b [i] Multicast, unicast EIGRP peering
3.5.b [ii] OTP point-to-point peering
3.5.b [iii] OTP route-reflector peering
3.5.b [iv] OTP multiple service providers scenario
3.5.c Implement and troubleshoot loop free path selection
3.5.c [i] RD, FD, FC, successor, feasible successor
3.5.c [ii] Classic metric
3.5.c [iii] Wide metric
3.5.d Implement and troubleshoot operations
3.5.d [i] General operations
3.5.d [ii] Topology table, update, query, active, passive
3.5.d [iii] Stuck in active
3.5.d [iv] Graceful shutdown
3.5.e Implement and troubleshoot EIGRP stub
3.5.e [i] Stub
3.5.e [ii] Leak-map
3.5.f Implement and troubleshoot load-balancing
3.5.f [i] equal-cost
3.5.f [ii] unequal-cost
3.5.f [iii] add-path
3.5.g Implement EIGRP [multi-address] named mode
3.5.g [i] Types of families
3.5.g [ii] IPv4 address-family
3.5.g [iii] IPv6 address-family
3.5.h Implement, troubleshoot and optimize EIGRP convergence and scalability
3.5.h [i] Describe fast convergence requirements
3.5.h [ii] Control query boundaries
3.5.h [iii] IP FRR/fast reroute [single hop]
3.5.8 [iv] Summary leak-map
3.5.h [v] Summary metric

3.6 OSPF [v2 and v3]
3.6.a Describe packet types
3.6.a [i] LSA yypes [1, 2, 3, 4, 5, 7, 9]
3.6.a [ii] Route types [N1, N2, E1, E2]
3.6.b Implement and troubleshoot neighbor relationship
3.6.c Implement and troubleshoot OSPFv3 address-family support
3.6.c [i] IPv4 address-family
3.6.c [ii] IPv6 address-family
3.6.d Implement and troubleshoot network types, area types and router types
3.6.d [i] Point-to-point, multipoint, broadcast, non-broadcast
3.6.d [ii] LSA types, area type: backbone, normal, transit, stub, NSSA, totally stub
3.6.d [iii] Internal router, ABR, ASBR
3.6.d [iv] Virtual link
3.6.e Implement and troubleshoot path preference
3.6.f Implement and troubleshoot operations
3.6.f [i] General operations
3.6.f [ii] Graceful shutdown
3.6.f [iii] GTSM [Generic TTL Security Mechanism]
3.6.g Implement, troubleshoot and optimize OSPF convergence and scalability
3.6.g [i] Metrics
3.6.g [ii] LSA throttling, SPF tuning, fast hello
3.6.g [iii] LSA propagation control [area types, ISPF]
3.6.g [iv] IP FRR/fast reroute [single hop]
3.6.g [v] LFA/loop-free alternative [multi hop]
3.6.g [vi] OSPFv3 prefix suppression

3.7 BGP
3.7.a Describe, implement and troubleshoot peer relationships
3.7.a [i] Peer-group, template
3.7.a [ii] Active, passive
3.7.a [iii] States, timers
3.7.a [iv] Dynamic neighbors
3.7.b Implement and troubleshoot IBGP and EBGP
3.7.b [i] EBGP, IBGP
3.7.b [ii] 4 bytes AS number
3.7.b [iii] Private AS
3.7.c Explain attributes and best-path selection
3.7.d Implement, optimize and troubleshoot routing policies
3.7.d [i] Attribute manipulation
3.7.d [ii] Conditional advertisement
3.7.d [iii] Outbound route filtering
3.7.d [iv] Communities, extended communities
3.7.d [v] Multi-homing
3.7.e Implement and troubleshoot scalability
3.7.e [i] Route-reflector, cluster
3.7.e [ii] Confederations
3.7.e [iii] Aggregation, AS set
3.7.f Implement and troubleshoot multiproctocol BGP
3.7.f [i] IPv4, IPv6, VPN address-family
3.7.g Implement and troubleshoot AS path manipulations
3.7.g [i] Local AS, allow AS in, remove private AS
3.7.g [ii] Prepend
3.7.g [iii] Regexp
3.7.h Implement and troubleshoot other features
3.7.h [i] Multipath
3.7.h [ii] BGP synchronization
3.7.h [iii] Soft reconfiguration, route refresh
3.7.i Describe BGP fast convergence features
3.7.i [i] Prefix independent convergence
3.7.i [ii] Add-path
3.7.i [iii] Next-hop address tracking

3.8 ISIS [for IPv4 and IPv6]
3.8.a Describe basic ISIS network
3.8.a [i] Single area, single topology
3.8.b Describe neighbor relationship
3.8.c Describe network types, levels and router types
3.8.c [i] NSAP addressing
3.8.c [ii] Point-to-point, broadcast
3.8.d Describe operations
3.8.e Describe optimization features
3.8.e [i] Metrics, wide metric

4.0 VPN Technologies 13%

4.1 Tunneling
4.1.a Implement and troubleshoot MPLS operations
4.1.a [i] Label stack, LSR, LSP
4.1.a [ii] LDP
4.1.a [iii] MPLS ping, MPLS traceroute
4.1.b Implement and troubleshoot basic MPLS L3VPN
4.1.b [i] L3VPN, CE, PE, P
4.1.b [ii] Extranet [route leaking]
4.1.c Implement and troubleshoot encapsulation
4.1.c [i] GRE
4.1.c [ii] Dynamic GRE
4.1.c [iii] LISP encapsulation principles supporting EIGRP OTP
4.1.d Implement and troubleshoot DMVPN [single hub]
4.1.d [i] NHRP
4.1.d [ii] DMVPN with IPsec using preshared key
4.1.d [iii] QoS profile
4.1.d [iv] Pre-classify
4.1.e Describe IPv6 tunneling techniques
4.1.e [i] 6in4, 6to4
4.1.e [ii] ISATAP
4.1.e [iii] 6RD
4.1.e [iv] 6PE/6VPE
4.1.g Describe basic layer 2 VPN —wireline
4.1.g [i] L2TPv3 general principals
4.1.g [ii] ATOM general principals
4.1.h Describe basic L2VPN — LAN services
4.1.h [i] MPLS-VPLS general principals
4.1.h [ii] OTV general principals

4.2 Encryption
4.2.a Implement and troubleshoot IPsec with preshared key
4.2.a [i] IPv4 site to IPv4 site
4.2.a [ii] IPv6 in IPv4 tunnels
4.2.a [iii] Virtual tunneling Interface [VTI]
4.2.b Describe GET VPN

5.0 Infrastructure Security 5%

5.1 Device security
5.1.a Implement and troubleshoot IOS AAA using local database
5.1.b Implement and troubleshoot device access control
5.1.b [i] Lines [VTY, AUX, console]
5.1.b [ii] SNMP
5.1.b [iii] Management plane protection
5.1.b [iv] Password encryption
5.1.c Implement and troubleshoot control plane policing
5.1.d Describe device security using IOS AAA with TACACS+ and RADIUS
5.1.d [i] AAA with TACACS+ and RADIUS
5.1.d [ii] Local privilege authorization fallback

5.2 Network security
5.2.a Implement and troubleshoot switch security features
5.2.a [i] VACL, PACL
5.2.a [ii] Stormcontrol
5.2.a [iii] DHCP snooping
5.2.a [iv] IP source-guard
5.2.a [v] Dynamic ARP inspection
5.2.a [vi] port-security
5.2.a [vii] Private VLAN
5.2.b Implement and troubleshoot router security features
5.2.b [i] IPv4 access control lists [standard, extended, time-based]
5.2.b [ii] IPv6 traffic filter
5.2.b [iii] Unicast reverse path forwarding
5.2.c Implement and troubleshoot IPv6 first hop security
5.2.c [i] RA guard
5.2.c [ii] DHCP guard
5.2.c [iii] Binding table
5.2.c [iv] Device tracking
5.2.c [v] ND inspection/snooping
5.2.c [vii] Source guard
5.2.c [viii] PACL
5.2.d Describe 802.1x
5.2.d [i] 802.1x, EAP, RADIUS
5.2.d [ii] MAC authentication bypass

6.0 Infrastructure Services 12%

6.1 System management
6.1.a Implement and troubleshoot device management
6.1.a [i] Console and VTY
6.1.a [ii] telnet, HTTP, HTTPS, SSH, SCP
6.1.a [iii] [T]FTP
6.1.b Implement and troubleshoot SNMP
6.1.b [i] v2c, v3
6.1.c Implement and troubleshoot logging
6.1.c [i] Local logging, syslog, debug, conditional debug
6.1.c [ii] Timestamp

6.2 Quality of service
6.2.a Implement and troubleshoot end-to-end QoS
6.2.a [i] CoS and DSCP mapping
6.2.b Implement, optimize and troubleshoot QoS using MQC
6.2.b [i] Classification
6.2.b [ii] Network based application recognition [NBAR]
6.2.b [iii] Marking using IP precedence, DSCP, CoS, ECN
6.2.b [iv] Policing, shaping
6.2.b [v] Congestion management [queuing]
6.2.b [vi] HQoS, sub-rate ethernet link
6.2.b [vii] Congestion avoidance [WRED]
6.2.c Describe layer 2 QoS
6.2.c [i] Queuing, scheduling
6.2.c [ii] Classification, marking

6.3 Network services
6.3.a Implement and troubleshoot first-hop redundancy protocols
6.3.a [i] HSRP, GLBP, VRRP
6.3.a [ii] Redundancy using IPv6 RS/RA
6.3.b Implement and troubleshoot network time protocol
6.3.b [i] NTP master, client, version 3, version 4
6.3.b [ii] NTP Authentication
6.3.c Implement and troubleshoot IPv4 and IPv6 DHCP
6.3.c [i] DHCP client, IOS DHCP server, DHCP relay
6.3.c [ii] DHCP options
6.3.c [iii] DHCP protocol operations
6.3.c [iv] SLAAC/DHCPv6 interaction
6.3.c [v] Stateful, stateless DHCPv6
6.3.c [vi] DHCPv6 prefix delegation
6.3.d Implement and troubleshoot IPv4 network address translation
6.3.d [i] Static NAT, dynamic NAT, policy-based NAT, PAT
6.3.d [ii] NAT ALG
6.3.e Describe IPv6 network address translation
6.3.e [i] NAT64
6.3.e [ii] NPTv6

6.4 Network optimization
6.4.a Implement and troubleshoot IP SLA
6.4.a [i] ICMP, UDP, Jitter, VoIP
6.4.b Implement and troubleshoot tracking object
6.4.b [i] Tracking object, tracking list
6.4.b [ii] Tracking different entities [e.g. interfaces, routes, IPSLA, and such]
6.4.c Implement and troubleshoot netflow
6.4.c [i] Netflow v5, v9
6.4.c [ii] Local retrieval
6.4.c [iii] Export [configuration only]
6.4.d Implement and troubleshoot embedded event manager
6.4.d [i] EEM policy using applet
6.4.e Identify performance routing [PfR]
6.4.e [i] Basic load balancing
6.4.e [ii] Voice optimization

7.0 Evolving Technologies 10%

7.1 Cloud
7.1.a Compare and contrast Cloud deployment models
7.1.a [i] Infrastructure, platform, and software services [XaaS]
7.1.a [ii] Performance and reliability
7.1.a [iii] Security and privacy
7.1.a [iv] Scalability and interoperability
7.1.b Describe Cloud implementations and operations
7.1.b [i] Automation and orchestration
7.1.b [ii] Workload mobility
7.1.b [iii] Troubleshooting and management
7.1.b [iv] OpenStack components

7.2 Network programmability [SDN]
7.2.a Describe functional elements of network programmability [SDN] and how they interact
7.2.a [i] Controllers
7.2.a [ii] APIs
7.2.a [iii] Scripting
7.2.a [iv] Agents
7.2.a [v] Northbound vs. Southbound protocols
7.2.b Describe aspects of virtualization and automation in network environments
7.2.b [i] DevOps methodologies, tools and workflows
7.2.b [ii] Network/application function virtualization [NFV, AFV]
7.2.b [iii] Service function chaining
7.2.b [iv] Performance, availability, and scaling considerations

7.3 Internet of Things
7.3.a Describe architectural framework and deployment considerations for Internet of Things [IoT]
7.3.a [i] Performance, reliability and scalability
7.3.a [ii] Mobility
7.3.a [iii] Security and privacy
7.3.a [iv] Standards and compliance
7.3.a [v] Migration
7.3.a [vi] Environmental impacts on the network


QUESTION 1
Which regular expression will match prefixes that originated from AS200?

A. ^$
B. ^200_
C. _200$
D. ^200)
E. _200_

Answer: C

Explanation:
Example on how to deny all prefixes originated in Autonomous System 200
router bgp 100
neighbor 10.1.1.1 remote-as 65535 neighbor 10.1.1.1 route-map map1 in
!
route-map map1 permit 10 match as-path 1
!
ip as-path access-list 5 deny _200$ ip as-path access-list 5 permit .*
Reference: http://www.cisco.com/c/en/us/td/docs/ios/termserv/configuration/guide/12_4t/tsv_12_4t_bo ok/tsv_reg_express.html


QUESTION 2
Which two actions can you take to allow the greatest number of pertinent packets to be stored in the temporary buffer of Cisco IOS Embedded Packet Capture? (Choose two.)

A. Specify the sampling interval.
B. Specify the capture buffer type.
C. Specify a reflexive ACL.
D. Specify the minimum packet capture rate.
E. Specify the packet size.
F. Store the capture simultaneously onto an external memory card as the capture occurs.

Answer: A,B

Explanation:
Embedded Packet Capture (EPC) provides an embedded systems management facility that helps in tracing and troubleshooting packets. This feature allows network administrators to capture data packets flowing through, to, and from a Cisco device. The network administrator may define the capture buffer size and type (circular, or linear) and the maximum number of bytes of each packet to capture. The packet capture rate can be throttled using further administrative controls. For example, options allow for filtering the packets to be captured using an Access Control List and, optionally, further defined by specifying a maximum packet capture rate or by specifying a sampling interval.
Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/epc/configuration/xe-3s/asr1000/epc-xe-3s-asr1000-book/nm-packet-capture-xe.html


QUESTION 3
Which BGP feature enables you to install a backup path in the forwarding table?

A. soft reconfiguration
B. prefix independent convergence
C. route refresh
D. synchronization

Answer: B

Explanation:
To install a backup path into the forwarding table and provide prefix independent convergence (PIC) in case of a PE-CE link failure, use the additional-paths install backup command in an appropriate address family configuration mode. To prevent installing the backup path, use the no form of this command. To disable prefix independent convergence, use the disable keyword.
Reference: http://www.cisco.com/c/en/us/td/docs/routers/crs/software/crs_r4-2/routing/command/reference/b_routing_cr42crs/b_routing_cr42crs_chapter_01.html


QUESTION 4
What are the minimal configuration steps that are required to configure EIGRP HMAC-SHA2 authentication?

A. classic router mode, interface XX, authentication mode hmac-sha-256 <password>
B. named router mode, address-family statement, authentication mode hmac-sha-256 <password>
C. named router mode, address-family statement, af-interface default, authentication mode hmac-sha-256 <password>
D. named router mode, address-family statement, authentication mode hmac-sha-256 <password>

Answer: C

Explanation:
The example below shows how to configure EIGRP HMAC-SHA2 on Cisco router: Device(config)# router eigrp name1
Device(config-router)# address-family ipv4 autonomous-system 45000 Device(config-router-af)# af-interface ethernet 0/0 Device(config-router-af-interface)# authentication mode hmac-sha-256 0 password1 Device(config-router-af-interface)# end
Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_eigrp/configuration/15-sy/ire-15-sy-book/ire-sha-256.html


QUESTION 5
Which two statements about the OSPF two-way neighbor state are true? (Choose two.)

A. Each neighbor receives its own router ID in a hello packet from the other neighbor.
B. Each neighbor receives a hello message from the other neighbor.
C. It is valid only on NBMA networks.
D. It is valid only on point-to-point networks.
E. Each neighbor receives an acknowledgement of its own hello packet from the other neighbor.
F. Each neighbor receives the router ID of the other neighbor in a hello packet from the other neighbor.

Answer: A,E

Click here to view complete Q&A of 400-101 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Cisco 400-101 Certification, Cisco 400-101 Training at certkingdom.com

Posted in CCIE | Tagged , , , , , , , , | Leave a comment

400-051 CCIE Collaboration Written Exam Topics v1.0 and Version 1.1

Exam Number 400-051 CCIE Collaboration
Associated Certifications CCIE Collaboration
Duration 120 minutes (90 – 110 questions)
Available Languages English
Register Pearson VUE
Exam Policies Read current policies and requirements
Exam Tutorial Review type of exam questions

This exam validates that candidates have the skills to plan, design, implement, operate, and troubleshoot enterprise collaboration and communication networks.

Written Exam Topics v1.0 (Recommended for candidates scheduled to take the test BEFORE July 25, 2016)

Written Exam Topics v1.1 (Recommended for candidates scheduled to take the test ON July 25, 2016 and beyond)

Exam Description
The Cisco CCIE® Collaboration Written Exam (400-051) version 1.0 has 90-110 questions and is 2 hours in duration. This exam validates that candidates have the skills to plan, design, implement, operate, and troubleshoot enterprise collaboration and communication networks. The exam is closed book, and no outside reference materials are allowed.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

CCIE Collaboration Written Exam Topics v1.0 (Recommended for candidates who are scheduled to take the exam BEFORE July 25, 2016)

1.0 Cisco Collaboration Infrastructure 10%

1.1 Cisco UC Deployment Models

1.2 User management

1.3 IP routing in Cisco Collaboration Solutions

1.4 Virtualization in Cisco Collaboration Solutions

1.4.a UCS
1.4.b VMware
1.4.c Answer files

1.5 Wireless in Cisco Collaboration Solutions

1.6 Network services

1.6.a DNS
1.6.b DHCP
1.6.c TFTP
1.6.d NTP
1.6.e CDP/LLDP

1.7 PoE

1.8 Voice and data VLAN

1.9 IP multicast

1.10 IPv6

2.0 Telephony Standards and Protocols 15%

2.1 SCCP

2.1.a Call flows
2.1.b Call states
2.1.c Endpoint types

2.2 MGCP

2.2.a Call flows
2.2.b Call states
2.2.c Endpoint types

2.3 SIP

2.3.a Call flows
2.3.b Call states
2.3.c DP
2.3.d BFCP

2.4 H.323 and RAS

2.4.a Call flows
2.4.b Call states
2.4.c Gatekeeper
2.4.d H.239

2.5 Voice and video CODECs

2.5.a H.264
2.5.b ILBC
2.5.c ISAC
2.5.d LATM
2.5.e G.722
2.5.f Wide band

2.6 RTP, RTCP, and SRTP

3.0 Cisco Unified Communications Manager (CUCM) 25%

3.1 Device registration and redundancy

3.2 Device settings

3.3 Codec selection

3.4 Call features

3.4.a Call park
3.4.b Call pickup
3.4.c BLF speed dials
3.4.d Native call queuing
3.4.e Call hunting
3.4.f Meet-Me

3.5 Dial plan

3.5.a Globalized call routing
3.5.b Local route group
3.5.c Time-of-day routing
3.5.d Application dial rules
3.5.e Digit manipulations

3.6 Media resources

3.6.a TRP
3.6.b MOH
3.6.c CFB
3.6.d Transcoder and MTP
3.6.e Annunciator
3.6.f MRG and MRGL

3.7 CUCM mobility

3.7.a EM/EMCC
3.7.b Device Mobility
3.7.c Mobile Connect
3.7.d MVA

3.8 CUCM serviceability and OS administration

3.8.a Database replication
3.8.b CDR
3.8.c Service activation
3.8.d CMR

3.9 CUCM disaster recovery

3.10 ILS/URI dialing

3.10.a Directory URI
3.10.b ISL topology
3.10.c Blended addressing

3.11 Call Admission Control

3.11.a CAC/ELCAC
3.11.b RSVP
3.11.c SIP preconditions

3.12 SIP and H.323 trunks

3.12.a SIP trunks
3.12.b H.323 trunks
3.12.c Number presentation and manipulation

3.13 SAF and CCD

3.14 Call recording and silent monitoring

4.0 Cisco IOS UC Applications and Features 20%
4.1 CUCME

4.1.a SCCP phones registration
4.1.b SIP phones Registration
4.1.c SNR

4.2 SRST

4.2.a CME-as-SRST
4.2.b MGCP fallback
4.2.c MMOH in SRST

4.3 CUE

4.3.a AA
4.3.b Scripting
4.3.c Voiceview
4.3.d Web inbox
4.3.e MWI
4.3.f VPIM

4.4 Cisco IOS-based call queuing

4.4.a B-ACD
4.4.b Voice hunt groups
4.4.c Call blast

4.5 Cisco IOS media resources

4.5.a Conferencing
4.5.b Transcoding
4.5.c DSP management

4.6 CUBE

4.6.a Mid-call signaling
4.6.b SIP profiles
4.6.c Early and delayed offer
4.6.d DTMF interworking
4.6.e Box-to-box failover and redundancy

4.7 Fax and modem protocols

4.8 Analog telephony signalling

4.8.a Analog telephony signalling theories (FXS/FXO)
4.8.b Caller ID
4.8.c Line voltage detection
4.8.d THL sweep
4.8.e FXO disconnect
4.8.f Echo

4.9 Digital telephony signalling

4.9.a Digital telephony signalling theories (T1/E1, BRI/PRI/CAS)
4.9.b Q.921 and Q.931
4.9.c QSIG
4.9.d Caller ID
4.9.e R2
4.9.f NFAS

4.10 Cisco IOS dial plan

4.10.a Translation profile
4.10.b Dial-peer matching logics
4.10.c Test commands

4.11 SAF/CCD

4.12 IOS CAC

4.13 IOS accounting

5.0 Quality of Service and Security in Cisco Collaboration Solutions 12%

5.1 QoS: link efficiency

5.1.a LFI
5.1.b MMLPPP
5.1.c FRF.12
5.1.d cRTP
5.1.e VAD

5.2 QoS: classification and marking

5.2.a Voice versus video classification
5.2.b Soft clients versus hard clients
5.2.c Trust boundaries

5.3 QoS: congestion management

5.3.a Layer 2 priorities
5.3.b Low latency queue
5.3.c Traffic policing and shaping

5.4 QoS: medianet

5.5 QoS: wireless QoS

5.6 Security: mixed mode cluster

5.7 Security: secured phone connectivity

5.7.a VPN phones
5.7.b Phone proxy
5.7.c TLS proxy
5.7.d IEEE 802.1x

5.8 Security: default security features

5.9 Security: firewall traversal

5.10 Security: toll fraud

6.0 Cisco Unity Connection  8%

6.1 CUCM and CUCME integration

6.2 Single inbox

6.3 MWI

6.4 Call handlers

6.5 CUC dial plan

6.6 Directory handlers

6.7 CUC features

6.7.a High availability
6.7.b Visual voicemail
6.7.c Voicemail for Jabber

6.8 Voicemail networking

7.0 Cisco Unified Contact Center Express 4%

7.1 UCCX CTI Integration

7.2 ICD functions

7.3 UCCX scripting components

8.0 Cisco Unified IM and Presence 6%

8.1 Cisco Unified IM Presence Components

8.2 CUCM integration

8.3 Cisco Jabber

8.4 Federation

8.5 Presence Cloud Solutions

8.6 Group chat and compliance

CCIE Collaboration Written Exam (400-051) Version 1.1

Exam Description

The Cisco CCIE® Collaboration Written Exam [400-051] version 1.1 has 90-110 questions and is 2 hours in duration. This exam validates that candidates have the skills to plan, design, implement, operate, and troubleshoot enterprise collaboration and communication networks. The exam is closed book, and no outside reference materials are allowed.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

CCIE Collaboration Written Exam Topics v1.1 (Recommended for candidates who are scheduled to take the exam ON July 25, 2016 and beyond)

1.0 Cisco Collaboration Infrastructure 10%

1.1 Cisco UC Deployment Models

1.2 User management

1.3 IP routing in Cisco Collaboration Solutions

1.4 Virtualization in Cisco Collaboration Solutions

1.4.a UCS
1.4.b VMware
1.4.c Answer files

1.5 Wireless in Cisco Collaboration Solutions

1.6 Network services

1.6.a DNS
1.6.b DHCP
1.6.c TFTP
1.6.d NTP
1.6.e CDP/LLDP

1.7 PoE

1.8 Voice and data VLAN

1.9 IP multicast

1.10 IPv6

2.0 Telephony Standards and Protocols 12%

2.1 SCCP

2.1.a Call flows
2.1.b Call states
2.1.c Endpoint types

2.2 MGCP

2.2.a Call flows
2.2.b Call states
2.2.c Endpoint types

2.3 SIP

2.3.a Call flows
2.3.b Call states
2.3.c DP
2.3.d BFCP

2.4 H.323 and RAS

2.4.a Call flows
2.4.b Call states
2.4.c Gatekeeper
2.4.d H.239

2.5 Voice and video CODECs

2.5.a H.264
2.5.b ILBC
2.5.c ISAC
2.5.d LATM
2.5.e G.722
2.5.f Wide band

2.6 RTP, RTCP, and SRTP

3.0 Cisco Unified Communications Manager [CUCM] 22%

3.1 Device registration and redundancy

3.2 Device settings

3.3 Codec selection

3.4 Call features

3.4.a Call park
3.4.b Call pickup
3.4.c BLF speed dials
3.4.d Native call queuing
3.4.e Call hunting
3.4.f Meet-Me

3.5 Dial plan

3.5.a Globalized call routing
3.5.b Local route group
3.5.c Time-of-day routing
3.5.d Application dial rules
3.5.e Digit manipulations

3.6 Media resources

3.6.a TRP
3.6.b MOH
3.6.c CFB
3.6.d Transcoder and MTP
3.6.e Annunciator
3.6.f MRG and MRGL

3.7 CUCM mobility

3.7.a EM/EMCC
3.7.b Device Mobility
3.7.c Mobile Connect
3.7.d MVA

3.8 CUCM serviceability and OS administration

3.8.a Database replication
3.8.b CDR
3.8.c Service activation
3.8.d CMR

3.9 CUCM disaster recovery

3.10 ILS/URI dialing

3.10.a Directory URI
3.10.b ISL topology
3.10.c Blended addressing

3.11 Call Admission Control

3.11.a CAC/ELCAC
3.11.b RSVP
3.11.c SIP preconditions

3.12 SIP and H.323 trunks

3.12.a SIP trunks
3.12.b H.323 trunks
3.12.c Number presentation and manipulation

3.13 SAF and CCD

3.14 Call recording and silent monitoring

4.0 Cisco IOS UC Applications and Features 16%

4.1 CUCME

4.1.a SCCP phones registration
4.1.b SIP phones Registration
4.1.c SNR

4.2 SRST

4.2.a CME-as-SRST
4.2.b MGCP fallback
4.2.c MMOH in SRST

4.3 CUE

4.3.a AA
4.3.b Scripting
4.3.c Voiceview
4.3.d Web inbox
4.3.e MWI
4.3.f VPIM

4.4 Cisco IOS-based call queuing

4.4.a B-ACD
4.4.b Voice hunt groups
4.4.c Call blast

4.5 Cisco IOS media resources

4.5.a Conferencing
4.5.b Transcoding
4.5.c DSP management

4.6 CUBE

4.6.a Mid-call signaling
4.6.b SIP profiles
4.6.c Early and delayed offer
4.6.d DTMF interworking
4.6.e Box-to-box failover and redundancy

4.7 Fax and modem protocols

4.8 Analog telephony signalling

4.8.a Analog telephony signalling theories [FXS/FXO]
4.8.b Caller ID
4.8.c Line voltage detection
4.8.d THL sweep
4.8.e FXO disconnect
4.8.f Echo

4.9 Digital telephony signalling

4.9.a Digital telephony signalling theories [T1/E1, BRI/PRI/CAS]
4.9.b Q.921 and Q.931
4.9.c QSIG
4.9.d Caller ID
4.9.e R2
4.9.f NFAS

4.10 Cisco IOS dial plan

4.10.a Translation profile
4.10.b Dial-peer matching logics
4.10.c Test commands

4.11 SAF/CCD

4.12 IOS CAC

4.13 IOS accounting

5.0 Quality of Service and Security in Cisco Collaboration Solutions 12%

5.1 QoS: link efficiency

5.1.a LFI
5.1.b MMLPPP
5.1.c FRF.12
5.1.d cRTP
5.1.e VAD

5.2 QoS: classification and marking

5.2.a Voice versus video classification
5.2.b Soft clients versus hard clients
5.2.c Trust boundaries

5.3 QoS: congestion management

5.3.a Layer 2 priorities
5.3.b Low latency queue
5.3.c Traffic policing and shaping

5.4 QoS: medianet

5.5 QoS: wireless QoS

5.6 Security: mixed mode cluster

5.7 Security: secured phone connectivity

5.7.a VPN phones
5.7.b Phone proxy
5.7.c TLS proxy
5.7.d IEEE 802.1x

5.8 Security: default security features

5.9 Security: firewall traversal

5.10 Security: toll fraud

6.0 Cisco Unity Connection 8%

6.1 CUCM and CUCME integration

6.2 Single inbox

6.3 MWI

6.4 Call handlers

6.5 CUC dial plan

6.6 Directory handlers

6.7 CUC features

6.7.a High availability
6.7.b Visual voicemail
6.7.c Voicemail for Jabber

6.8 Voicemail networking

7.0 Cisco Unified Contact Center Express 4%

7.1 UCCX CTI Integration

7.2 ICD functions

7.3 UCCX scripting components

8.0 Cisco Unified IM and Presence 6%

8.1 Cisco Unified IM Presence Components

8.2 CUCM integration

8.3 Cisco Jabber

8.4 Federation

8.5 Presence Cloud Solutions

8.6 Group chat and compliance

9.0 Evolving Technologies 10%

9.1 Cloud

9.1.a Compare and contrast Cloud deployment models
9.1.a [i] Infrastructure, platform, and software services [XaaS]
9.1.a [ii] Performance and reliability
9.1.a [iii] Security and privacy
9.1.a [iv] Scalability and interoperability
9.1.b Describe Cloud implementations and operations
9.1.b [i] Automation and orchestration
9.1.b [ii] Workload mobility
9.1.b [iii] Troubleshooting and management
9.1.b [iv] OpenStack components

9.2 Network programmability [SDN]

9.2.a Describe functional elements of network programmability [SDN] and how they interact
9.2.a [i] Controllers
9.2.a [ii] APIs
9.2.a [iii] Scripting
9.2.a [iv] Agents
9.2.a [v] Northbound vs. Southbound protocols
9.2.b Describe aspects of virtualization and automation in network environments
9.2.b [i] DevOps methodologies, tools and workflows
9.2.b [ii] Network/application function virtualization [NFV, AFV]
9.2.b [iii] Service function chaining
9.2.b [iv] Performance, availability, and scaling considerations

9.3 Internet of Things

9.3.a Describe architectural framework and deployment considerations for Internet of Things [IoT]
9.3.a [i] Performance, reliability and scalability
9.3.a [ii] Mobility
9.3.a [iii] Security and privacy
9.3.a [iv] Standards and compliance
9.3.a [v] Migration
9.3.a [vi] Environmental impacts on the network


 

QUESTION 1
A SIP carried delivers DIDs to a Cisco Unified Border Element in the form of +155567810XX,
where the last two digits could be anything from 00 to 99. To match the internal dial plan, that
number must be changed to 6785XXX, where the last two digits should be retained. Which two
translation profiles create the required outcome? (Choose two)

A. rule 1 /555\(.*\).*\(.*\)/ /\150\2/
B. rule 1 /+ 1555\(…\).\(…\)$/ /\15\2/
C. rule 1 /^\+ 1555\(678\)10\(..\)$/ /\150\2/
D. rule 1 /^15+678\(… .\)/678\1/
E. rule 1 /.15+678?10?\(..\)/ /67850\1/

Answer: C,E
Explanation:


QUESTION 2
Which Cisco Unified CM service is responsible for detecting new Call Detail Records files and
transferring them to the CDR Repository node?

A. Cisco CallManager
B. Cisco CDR Repository Manager
C. Cisco SOAP-CDRonDemand Service
D. Cisco Extended Functions
E. Cisco CDR Agent

Answer: E
Explanation:


QUESTION 3
Users report that they are unable to control their Cisco 6941 desk phone from their Jabber client,
but the Jabber client works as a soft phone. Which two configuration changes allow this? (Choose two)

A. Assign group “Standard CTI Allow Control of Phones supporting Connected Xfer and Conf” to the user.
B. Set the End User page to the Primary Extension on the desk phone.
C. Set the Owner User ID on the desk phone.
D. Assign group “Standard CTI Enabled User Group” to the user.
E. Assign group “Standard CTI Allow Control of Phones Supporting Rollover Mode” to the user.

Answer: A,E
Explanation:


QUESTION 4
Which two parameters, in the reply of an MGCP gateway to an Audit Endpoint message, indicate
to a Cisco Unified CM that it has an active call on an endpoint? (Choose two)

A. Bearer Information
B. Call ID
C. Capabilities
D. Connection ID
E. Connection Parameters
F. Connection Mode

Answer: A,D
Explanation:


QUESTION 5
Where the administrator can reset all database replication and initiate a broadcast of all tables on
a Cisco Unified CM cluster running version 9.1?

A. Real Time Monitoring Tool
B. Cisco Unified Serviceability
C. Cisco Unified OS Administration
D. Cisco Unified CM CLI
E. Disaster Recovery System

Answer: D
Explanation:


QUESTION 6
During a Cisco Connection extension greeting, callers can press a single key to be transferred to a
specific extension. However, callers report that the system does not process the call immediately
after pressing the key. Which action resolves this issue?

A. Reduce Caller Input timeout in Cisco Unity Connection Service Parameters.
B. Lower the timer Wait for Additional Digits on the Caller input page.
C. Enable Ignore Additional Input on the Edit Caller input page for the selected key.
D. Enable Prepend Digits to Dialed Extensions and configure complete extension number on the
Edit Caller input page for the selected key.
E. Reduce Caller input timeout in Cisco Unity Connection Enterprise Parameters.

Answer: C
Explanation:

Click here to view complete Q&A of 400-051 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Cisco 400-051 Certification, Cisco 400-051 Training at certkingdom.com

Posted in CCIE | Tagged , , , , , , , , | Leave a comment

352-001 CCDE Design Written Exam v2.0 and v2.1

Exam Number 352-001 CCDE
Associated Certifications CCDE
Duration 120 minutes (90 – 110 questions)
Available Languages English
Register Pearson VUE
Exam Policies Read current policies and requirements
Exam Tutorial Review type of exam questions

Cisco CCDE Written Exam will validate that professionals have the expertise to gather and clarify network functional requirements, develop network designs to meet functional specifications, develop an implementation plan, convey design decisions and their rationale, and possess expert-level network infrastructure knowledge.

Exam Description
Cisco CCDE® Written Exam (352-001) version 2 is a 2-hour test with 90−110 questions that will validate that professionals have the expertise to gather and clarify network functional requirements, develop network designs to meet functional specifications, develop an implementation plan, convey design decisions and their rationale, and possess expert-level network infrastructure knowledge. The exam is closed book, and no outside reference materials are allowed.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

CCDE Written Exam Topics v2.0 (Recommended for candidates who are scheduled to take the exam BEFORE July 25, 2016)

1.0 Layer 2 Control Plane 26%

1.1 Describe fast convergence techniques and mechanisms

1.1.a Down detection
1.1.b Interface dampening

1.2 Describe loop detection and mitigation protocols

1.2.a Spanning tree types
1.2.b Spanning tree tuning techniques

1.3 Describe mechanisms that are available for creating loop-free topologies

1.3.a REP
1.3.b Multipath
1.3.c Switch clustering
1.3.d Flex links
1.3.e Loop detection and mitigation

1.4 Describe the effect of transport mechanisms and their interaction with routing protocols over different types of links

1.5 Describe multicast routing concepts

1.6 Describe the effect of fault isolation and resiliency on network design

1.6.a Fault isolation
1.6.b Fate sharing
1.6.c Redundancy
1.6.d Virtualization
1.6.e Segmentation

2.0 Layer 3 Control Plane 37%

2.1 Describe route aggregation concepts and techniques

2.1.a Purpose of route aggregation
2.1.b When to leak routes / avoid suboptimal routing
2.1.c Determine aggregation location and techniques

2.2 Describe the theory and application of network topology layering

2.2.a Layers and their purposes in various environments

2.3 Describe the theory and application of network topology abstraction

2.3.a Purpose of link state topology summarization
2.3.b Use of link state topology summarization

2.4 Describe the effect of fault isolation and resiliency on network design or network reliability

2.4.a Fault isolation
2.4.b Fate sharing
2.4.c Redundancy

2.5 Describe metric-based traffic flow and modification

2.5.a Metrics to modify traffic flow
2.5.b Third-party next hop

2.6 Describe fast convergence techniques and mechanisms

2.6.a Protocol timers
2.6.b Loop-free alternates

2.7 Describe factors affecting convergence

2.7.a Recursion
2.7.b Microloops
2.7.c Transport

2.8 Describe unicast routing protocol operation (OSPF, EIGRP, ISIS, BGP, and RIP) in relation to network design

2.8.a Neighbor relationships
2.8.b Loop-free paths
2.8.c Flooding domains and stubs
2.8.d iBGP scalability

2.9 Analyze operational costs and complexity

2.9.a Routing policy
2.9.b Redistribution methods

2.10 Describe the interaction between routing protocols and topologies

2.11 Describe generic routing and addressing concepts

2.11.a Policy-based routing
2.11.b NAT
2.11.c Subnetting
2.11.d RIB-FIB relationships

2.12 Describe multicast routing concepts

2.12.a General multicast concepts
2.12.b Source specific
2.12.c MSDP/anycast
2.12.d PIM
2.12.e mVPN

2.13 Describe IPv6 concepts and operation

2.13.a General IPv6 concepts
2.13.b IPv6 security
2.13.c IPv6 transition techniques

3.0 Network Virtualization 17%

3.1 Describe Layer 2 and Layer 3 tunnelling technologies

3.1.a Tunnelling for security
3.1.b Tunnelling for network extension
3.1.c Tunnelling for resiliency
3.1.d Tunnelling for protocol integration
3.1.e Tunnelling for traffic optimization

3.2 Analyze the implementation of tunnelling

3.2.a Tunnelling technology selection
3.2.b Tunnelling endpoint selection
3.2.c Tunnelling parameter optimization of end-user applications
3.2.d Effects of tunnelling on routing
3.2.e Routing protocol selection and tuning for tunnels

4.0 Design Considerations 20%

4.1 Analyze various QoS performance metrics

4.1.a Application requirements
4.1.b Performance metrics

4.2 Describe types of QoS techniques

4.2.a Classification and marking
4.2 b Shaping
4.2.c Policing
4.2.d Queuing

4.3 Identify QoS strategies based on customer requirements

4.3.a DiffServ
4.3.b IntServ

4.4 Identify network management requirements

4.5 Identify network application reporting requirements

4.6 Describe technologies, tools, and protocols that are used for network management

4.7 Describe the reference models and processes that are used in network management, such as FCAPS, ITIL®), and TOGAF

4.8 Describe best practices for protecting network infrastructure

4.8.a Secure administrative access
4.8.b Control plane protection

4.9 Describe best practices for protecting network services

4.9.a Deep packet inspection
4.9.b Data plane protection

4.10 Describe tools and technologies for identity management

4.11 Describe tools and technologies for IEEE 802.11 wireless deployment

4.12 Describe tools and technologies for optical deployment

4.13 Describe tools and technologies for SAN fabric deployment
CCDE Written Exam (352-001) Version 2.1

Exam Description
Cisco CCDE® Written Exam [352-001] version 2.1 is a 2-hour test with 90−110 questions that test a candidate’s combined knowledge of routing protocols, internetworking theory and design principles. The exam assesses a candidate’s understanding of network design in the areas of routing, tunneling, Quality of Service, Management, Cost, Capacity, and Security. This exam combines in-depth technical concepts with Network Design principles and is intended for a Network Professional with at least 7 years of experience in Network Engineering or Advanced Network Design. Product-specific knowledge including version of code, implementation and operations specific concepts is not tested on the CCDE exam. The exam is closed book and no outside reference materials are allowed.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

CCDE Written Exam Topics v2.1 (Recommended for candidates who are scheduled to take the exam on July 25, 2016 and beyond)

1.0 Layer 2 Control Plane 24%

1.1 Describe fast convergence techniques and mechanisms

1.1.a Down detection
1.1.b Interface dampening

1.2 Describe loop detection and mitigation protocols

1.2.a Spanning tree types
1.2.b Spanning tree tuning techniques

1.3 Describe mechanisms that are available for creating loop-free topologies

1.3.a REP
1.3.b Multipath
1.3.c Switch clustering
1.3.d Flex links
1.3.e Loop detection and mitigation

1.4 Describe the effect of transport mechanisms and their interaction with routing protocols over different types of links

1.5 Describe multicast routing concepts

1.6 Describe the effect of fault isolation and resiliency on network design

1.6.a Fault isolation
1.6.b Fate sharing
1.6.c Redundancy
1.6.d Virtualization
1.6.e Segmentation

2.0 Layer 3 Control Plane 33%

2.1 Describe route aggregation concepts and techniques

2.1.a Purpose of route aggregation
2.1.b When to leak routes / avoid suboptimal routing
2.1.c Determine aggregation location and techniques

2.2 Describe the theory and application of network topology layering

2.2.a Layers and their purposes in various environments

2.3 Describe the theory and application of network topology abstraction

2.3.a Purpose of link state topology summarization
2.3.b Use of link state topology summarization

2.4 Describe the effect of fault isolation and resiliency on network design or network reliability

2.4.a Fault isolation
2.4.b Fate sharing
2.4.c Redundancy

2.5 Describe metric-based traffic flow and modification

2.5.a Metrics to modify traffic flow
2.5.b Third-party next hop

2.6 Describe fast convergence techniques and mechanisms

2.6.a Protocol timers
2.6.b Loop-free alternates

2.7 Describe factors affecting convergence

2.7.a Recursion
2.7.b Microloops
2.7.c Transport

2.8 Describe unicast routing protocol operation [OSPF, EIGRP, ISIS, BGP, and RIP] in relation to network design

2.8.a Neighbor relationships
2.8.b Loop-free paths
2.8.c Flooding domains and stubs
2.8.d iBGP scalability

2.9 Analyze operational costs and complexity

2.9.a Routing policy
2.9.b Redistribution methods

2.10 Describe the interaction between routing protocols and topologies

2.11 Describe generic routing and addressing concepts

2.11.a Policy-based routing
2.11.b NAT
2.11.c Subnetting
2.11.d RIB-FIB relationships

2.12 Describe multicast routing concepts

2.12.a General multicast concepts
2.12.b Source specific
2.12.c MSDP/anycast
2.12.d PIM
2.12.e mVPN

2.13 Describe IPv6 concepts and operation

2.13.a General IPv6 concepts
2.13.b IPv6 security
2.13.c IPv6 transition techniques

3.0 Network Virtualization 15%

3.1 Describe Layer 2 and Layer 3 tunnelling technologies

3.1.a Tunnelling for security
3.1.b Tunnelling for network extension
3.1.c Tunnelling for resiliency
3.1.d Tunnelling for protocol integration
3.1.e Tunnelling for traffic optimization

3.2 Analyze the implementation of tunnelling

3.2.a Tunnelling technology selection
3.2.b Tunnelling endpoint selection
3.2.c Tunnelling parameter optimization of end-user applications
3.2.d Effects of tunnelling on routing
3.2.e Routing protocol selection and tuning for tunnels

4.0 Design Considerations 18%

4.1 Analyze various QoS performance metrics

4.1.a Application requirements
4.1.b Performance metrics

4.2 Describe types of QoS techniques

4.2.a Classification and marking
4.2 b Shaping
4.2.c Policing
4.2.d Queuing

4.3 Identify QoS strategies based on customer requirements

4.3.a DiffServ
4.3.b IntServ

4.4 Identify network management requirements

4.5 Identify network application reporting requirements

4.6 Describe technologies, tools, and protocols that are used for network management

4.7 Describe the reference models and processes that are used in network management, such as FCAPS, ITIL®, and TOGAF

4.8 Describe best practices for protecting network infrastructure

4.8.a Secure administrative access
4.8.b Control plane protection

4.9 Describe best practices for protecting network services

4.9.a Deep packet inspection
4.9.b Data plane protection

4.10 Describe tools and technologies for identity management

4.11 Describe tools and technologies for IEEE 802.11 wireless deployment

4.12 Describe tools and technologies for optical deployment

4.13 Describe tools and technologies for SAN fabric deployment

5.0 Evolving Technologies 10%

5.1 Cloud

5.1.a Compare and contrast Cloud deployment models
5.1.a [i] Infrastructure, platform, and software services [XaaS]
5.1.a [ii] Performance and reliability
5.1.a [iii] Security and privacy
5.1.a [iv] Scalability and interoperability
5.1.b Describe Cloud implementations and operations
5.1.b [i] Automation and orchestration
5.1.b [ii] Workload mobility
5.1.b [iii] Troubleshooting and management
5.1.b [iv] OpenStack components

5.2 Network programmability [SDN]

5.2.a Describe functional elements of network programmability [SDN] and how they interact
5.2.a [i] Controllers
5.2.a [ii] APIs
5.2.a [iii] Scripting
5.2.a [iv] Agents
5.2.a [v] Northbound vs. Southbound protocols
5.2.b Describe aspects of virtualization and automation in network environments
5.2.b [i] DevOps methodologies, tools and workflows
5.2.b [ii] Network/application function virtualization [NFV, AFV]
5.2.b [iii] Service function chaining
5.2.b [iv] Performance, availability, and scaling considerations

5.3 Internet of Things

5.3.a Describe architectural framework and deployment considerations for Internet of Things [IoT]
5.3.a [i] Performance, reliability and scalability
5.3.a [ii] Mobility
5.3.a [iii] Security and privacy
5.3.a [iv] Standards and compliance
5.3.a [v] Migration
5.3.a [vi] Environmental impacts on the network

QUESTION 1
A network designer is redesigning an enterprise campus network to ensure that Ethernet switches
proactively attempt to reconnect after a fiber cut. In the design, they will have to address areas
where fiber cuts exist on campus from past troubleshooting, where a single fiber is disconnected in
the fiber pair, leading to looping. Which feature could be implemented in the design to allow the
Spanning Tree Protocol on the switches to be protected?

A. loop guard
B. UniDirectional Link Detection
C. UniDirectional Link Detection aggressive mode
D. root guard

Answer: C

Explanation:


QUESTION 2
A switched network is being designed to support a manufacturing factory. Due to cost constraints,
fiber-based connectivity is not an option. Which design allows for a stable network when there is a
risk of interference from the manufacturing hardware in use on the factory floor?

A. Design the network to include UDLD to detect unidirectional links and take them out of service.
B. Design the network to include EtherChannel bundles to prevent a single-link failure from taking
down a switch interconnection point.
C. Design the network to include loop guard to prevent a loop in the switched network when a link
has too much interference.
D. Design the network to include BackboneFast on all devices to accelerate failure convergence
times.

Answer: A

Explanation:


QUESTION 3
A service provider has a Resilient Ethernet Protocol ring running as a metro backbone between its
locations in one city. A customer wants to connect one site with one box redundant to the Resilient
Ethernet Protocol ring at two different service provider locations. How can this be done without
producing any Layer 2 loops within the network design?

A. Spanning tree at the service provider side only must be enabled.
B. Spanning tree at the customer side only must be enabled.
C. Flex Links at the service provider side only must be enabled.
D. Flex Links at the customer side only must be enabled.
E. EtherChannel at the service provider side and the customer side must be enabled.
F. Spanning tree at the service provider side and the customer side must be enabled.
G. Flex Links at the service provider side and the customer side must be enabled.

Answer: D

Explanation:


QUESTION 4
You have created a network design that has two point-to-point Metro Ethernet circuits extending a
single production VLAN between two data centers. Under normal circumstances, one circuit will
carry traffic and spanning tree will block the other. If the company wants you to make use of both
circuits to carry production traffic, which two technologies and features will you investigate to
integrate into your network design? (Choose two.)

A. EtherChannel
B. MST
C. Multichassis EtherChannel
D. PVST+

Answer: A,C

Explanation:


QUESTION 5
Voice traffic between two campus enterprise networks is growing. The network designers decide
to add a second 10-Mb Metro Ethernet service parallel to their original 10-Mb service in order to
provide more bandwidth and diversity. The QoS profile will be the same on the new 10-Mb service
due to the voice stability on the first Metro Ethernet link. When the second link is added to the
OSPF domain, which traffic design consideration would have the most impact on the voice traffic
when both links are active?

A. per-destination IP address basis
B. per-flow basis
C. per-packet basis
D. per-source IP address basis

Answer: C

Explanation:

Click here to view complete Q&A of 352-001 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Cisco 352-001 Certification, Cisco 352-001 Training at certkingdom.com

 

Posted in CCDE | Tagged , , , , , , , , | Leave a comment